New hacker tactics

Date: October 22, 2006
Source: ITnews.com.au
By: Gregg Keizer

Metasploit, which regularly publishes exploit code for its flagship open-source attack testing platform, has released a new module designed to disguise any browser exploit from detection by signature-based defenses, Symantec warned on Tuesday.

HD Moore, Aviv Raff, and someone identified only as "LMH" have created VoMM (for eVade-o-Matic Module), which when applied to any browser exploit code, hides the exploit from static signature-based detection systems.

Static detection - where a specific signature is created to identify each exploit - is used by many anti-virus products; the alternative, a generic signature that can spot an entire class of Web-based vulnerabilities, is harder to design and develop, said Symantec.
Original article

---

Add comment  Email to a Friend