Posts Tagged Under: security

A Printf’s Chink in the Door

There is a rich history of programming exploitation which makes use of the insecurity of the C memory model. To counteract the threats of memory corruption attacks, several techniques have been implemented. The problem still remains though, and since the programmer is responsible for making all the checks, even the most restrictive protection schemes have their limitations.

Radu is a Junior C/C++ software engineer on the Hubgets Core team. Since memory corruption attacks are something every programmer should be aware of, he came up with the idea of writing the current article, where he explains how some of these memory corruption attacks may happen, indicating a set of solutions that are presently applied to prevent them. You’ll also find a series of tips on how, under specific circumstances, one can use printf to inject instructions even under stiff security constraints.

Read More

Security-as-an-Excuse

Tucked inside Forrester’s Cloud Predictions for 2016 is a tidbit about cloud security that I simply gave to share with our readers. Consider it a “quote of the day” substitute. But first, some context.

Analysts predict that, after reaching mainstream appeal in 2015, the cloud is set to shift into the next gear with the focus on expanding use cases and automation. As a result of this, the big boys will get bigger, and small players will have to up their game or die. Specifically, 2016 will be a shakeup year which will force many current providers to refocus on a narrower field, retreat from cloud or exit

Read More

Security No Longer the ‘Top Worry’ in Cloud Computing

Photo by Matthew Henry on Unsplash

Chief Technology Officers (CTO) and Chief Executive Officers (CEOs) in today’s competitive landscape are often faced with making the tough decision to move operations (partially or entirely) to the cloud. This means letting go of legacy infrastructures – such as on-premises PBX phone systems – and embracing the versatility of Internet-based solutions.

For most of its existence, the cloud – particularly business-oriented cloud solutions – has been plagued by one major concern: security. It’s understandable. Keeping your data locked in a room on your site offers a sense of control. But it’s no safer than in a data center managed by experts who make it their business to secure the data. Data centers are a solid investment today, and executives are beginning to wake up and smell the roses.

Read More

Kaspersky: When You Get Hacked, The First Wise Thing To Do Is Pray

At this year’s WHD.global – the world’s biggest event for the hosting community – revered figures in the tech industry booked some stage time to discuss the latest trends, including ever-pressing matters like security.

Keen to hop on the WHD bandwagon with an eye on today’s networked world was none other than Eugene Kaspersky, the CEO of the namesake security company whose antivirus software runs on millions of computers worldwide.

The Russian malware crusader kicked off his video-streamed talk noting that traditional crime is moving into the cyberspace, while established cyber-criminals are getting much better at what they do. In short, malware is on the rise. Hardly a surprise since malware is always on the rise. The more interesting disclosures were yet to come.

Read More

Senior Security Engineer Wanted

In a previous article we detailed on the team called Team Support. This is basically the team that provides the other 4PSA teams with input and resources so that they can work more efficiently.

Our latest opening in the Team Support (Bucharest, Romania) is quite an interesting one – Senior Security Engineer. What is this position doing in Team Support, you might ask… Two reasons: the person filling this position is going to report directly to upper management and in order to be efficient she/he should not be “corrupted” by a product team.

Read More