Errata Security Overview Errata Security is comprised of industry veterans that have been involved in almost every facet of cybersecurity. This team has made many of the headlines you have read including predicting new threats and attacker trends to development of cutting edge technology. If you need the best, Errata Security can do product testing to technical consulting and everything in between. We are the answer for an outsourced research team. Errata Security Announcements 08.08.2008 Errata to speak at DefCon Errata Security CEO Robert Graham and CTO David Maynor will be speaking at DEFCON in Las Vegas on Friday, August 8th, 2008. They are presenting a talk about penetration techniques and releasing updated versions of the Hacker Eye View Suite. A summary of the presentation is available here 07.14.2008 AxBan signature list version 4 available. Errata Security released the latest list of vulnerable signatures for the XML file on AxBan 1.5 today. This version will be auto-updated by AxBan 1.5 or later. This updated list covers the Yahoo Messenger and Microsoft Access Snapshot Viewer Active X Controls AxBan 1.5 is available to download here. 06.27.2008 Errata releases AxBan 1.5 Errata Security released AxBan 1.5 today. This version has an auto-update feature for the most up-to-date bad ActiveX Control list. Brian Krebs of the Washington Post Security Fix blog covered the release with an article about the dangers of lurking ActiveX functions. AxBan 1.5 is available to download here. 05.31.2008 Errata CTO speaks at SummerCon Errata Security will be represented at SummerCon in Atlanta, GA with a speech on smartphones and cellular networks. A summary of the talk can be found on the SummerCon site. 05.22.2008 Errata releases AxBan 1.0 AxBan is a tool to kill bit bad ActiveX controls. 04.11.2008 Errata releases LookingGlass 1.1 LookingGlass is a tool designed to help software developers test to see what OS security features are being used. LookingGlass 1.1 is available at the Errata Research page, here. 01.10.2008 Errata releases Ferret 1.1 Errata Security is proud to release the latest version of the Data Seepage detection tool, Ferret. Ferret 1.1 is available at the Errata Research page, here. 09.19.2007 Errata CTO David Maynor release OSX research paper David Maynor published a paper detailing the infamous Apple 802.11 flaw that allows a remote attacker to take control of a victim machine. The paper is availble from Uninformed here. 03.11.2007 Metasploit N800 Step by step instructions, including a link to a working Ruby package, have been added to the Research page. Check out the Research page here. 03.02.2007 Blackhat wrapup: Ferret 1.0 The tools and slides from the Errata Security talk on data seepage have been added to the Research page. Check out the Research page here. 02.17.2007 Hacker Eye View report: Cisco Security Update The initial HEV for new Cisco vulnerabilities has been released to customers. More detailed HEV information for individual vulnerabilities including packet captures of exploits will be shipping early this week. Errata Security is one of less than a handful of vendors that can provide in-depth information on Cisco vulnerabilities. 02.16.2007 Errata Security founders to speak at Blackhat Europe 2007 Robert Graham and David Maynor will make the trip to Amsterdam to brief European security professionals on the dangers of Data Seepage and how to stop it. Blackhat Europe Information here. 02.14.2007 Hacker Eye View report: Microsoft Patch Tuesday Feb 2007 Complete brief analysis of all vulnerabilities announced today has been released to customers. This also includes in-depth analysis and working exploits for all critical vulnerabilities. 01.24.2007 Hacker Eye View report: Cisco security update Security briefs regarding critical Cisco vulnerabilities are now available to customers. A Hacker Eye View report on each of the vulnerabilities will be available soon. Read some of our analysts thoughts at the Erratasec blog. 01.24.2007 Errata Security founders set to speak at Blackhat DC 2007 Errata Security founders Robert Graham and David Maynor will be speaking in Washington DC at the Blackhat Briefings Feb 28th and March 1st. They will be speaking about a threat called data seepage and how it can affect the security of enterprises internal networks. David Maynor will also be giving an updated version of the popular device driver talk with new demos and new targets. For more information visit Blackhat's site for both talks. 01.16.2007 Hacker Eye View report: Oracle quarterly update Analysis briefs on critical vulnerabilities on Oracle patch vulnerabilities have begun to be shipped to customers. Due to the number of issues briefs will be shipped all week with a target of Friday, Jan 19th, for competition of all 51. 01.09.2007 Hacker Eye View report: Microsoft Patch Tuesday Complete brief analysis of all vulnerabilities announced today has been released to customers. This also includes in-depth analysis and working exploits for all critical vulnerabilities. 01.01.2007 Hacker Eye View report: Month of Apple Bugs Errata Security released an in-depth analysis of the first release of the Month of Apple Bugs (MoAB) project. Customers received a detailed analysis including protection and mitigation suggestions a mere 4 hours after the release. A report will be completed for every one of the MoAB issues. 01.01.2007 Errata Security site launched Do you want in-depth information on security vulnerabilities? Do you have a product you want tested by experts? Errata Security is the answer.