Didier Stevens is an IT security consultant working for a large financial corporation in Belgium. In this video recorded at Hack in The Box 2012 Amsterdam, Didier talks about hardening Windows processes and he discusses Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). Didier also introduces HeapLocker, his open source tool that mitigates heap spray attacks. Like Microsoft’s EMET, HeapLocker will pre-allocate virtual memory pages to protect the addresses often used in exploits with heap sprays. However, HeapLocker can go one step further than EMET – it can inject its own shellcode to warn the user in case of an attack. HeapLocker can also pre-allocate memory page zero. To detect heap sprays in action, HeapLocker monitors private memory usage and it can also monitor the application’s memory for NOP-sleds. For more information security news, articles, tips and tricks visit Help Net Security: www.net-security.org
Tag Archives: conference
OSCON 2010: Panel Discussion, "Open Source and the Cloud"
oscon.com Rick Clark (Rackspace Cloud), Neil Levine (Canonical), Marten Mickos (Eucalyptus Systems), James Urquhart (Cisco Systems, Inc.), “Open Source and the Cloud”
SXSW 2010: – Is WordPress Killing Web Design
Is WordPress killing web design? Leading creatives from the world of web design debate whether CMS tools have made designers lazy, and created a new set of design conventions that designers feel obliged to follow.
Matt Mullenweg – Open source as a philosophy
Matt Mullenweg, founder and lead developer of the WordPress publishing platform, explains how the open source philosophy and “Golden Rule” apply not only to technology — but to such fields as politics, economics and environment. Recorded at Wordcamp Montreal 2009 by Christian Aubry. Licence: Creative Commons BY-SA.