12.10.6 TwinCAT Scope Heap Based Buffer Overflow

********************** Sponsored By F5 Networks, Inc. *******************

WHITE PAPER: PROTECTING FEDERAL SYSTEMS FROM ADVANCED PERSISTENT THREATS In today’s multilayered attacks against government systems, one of the key entry points is through web applications. This SANS Institute paper discusses how to set policies to develop secure applications and protect against known and unknown threats throughout the application’s lifetime.

http://www.sans.org/info/101114

************************************************************************** TRAINING UPDATE — SANS Mobile Device Security Summit: The Growing and Constantly Changing Challenge, Nashville, TN Summit: March 12-13, 2012; Post-Summit Courses: March 14-15, 2012 Mobile device security experts and practitioners from organizations that have implemented successful programs will discuss the most promising approaches to this new and evolving challenge. http://www.sans.org/mobile-device-security-summit-2012/ –SANS 2012, Orlando, FL March 23-29, 2012 40 courses. Bonus evening presentations include Exploiting Vulnerabilities: 60 Minutes from Discovery to Exploit; Evolving Threats; and Harbinger of Evil: The Forensic Art of Finding Malware. http://www.sans.org/sans-2012/ –SANS Northern Virginia 2012, Reston, VA April 15-20, 2012 7 courses. Bonus evening presentations include Linux Forensics for Non-Linux Folks; and Who Do You Trust? SSL and TLS Under Attack http://www.sans.org/northern-virginia-2012/ –SANS Cyber Guardian 2012, Baltimore, MD April 30-May 7, 2012 11 courses. Bonus evening presentations include Ninja Assessments: Stealth Security testing for Organizations; and Adjusting Our Defenses for 2012. http://www.sans.org/cyber-guardian-2012/ –SANS AppSec 2012, Las Vegas, NV April 24-May 1, 2012 Listen to two of the best minds in Application Security, Jeremiah Grossman and Chenxi Wang, at the AppSec Summit. Maximize your training by also attending one or more of the 4 pre-summit courses. http://www.sans.org/appsec-2012/ –SANS Secure Europe 2012, Amsterdam, Netherlands May 7-19, 2012 12 courses. http://www.sans.org/secure-amsterdam-2012/ –SANS Security West 2012, San Diego, CA May 10-18, 2012 24 courses. Bonus evening presentations include Metametrics – A New Approach to Information Security Management Metrics; and Malware Analysis Essentials Using REMnux. http://www.sans.org/security-west-2012/ –SANS Rocky Mountain 2012, Denver, CO June 4-9, 2012 10 courses. Bonus evening presentations include Adjusting Our Defenses for 2012; and Why Do Organizations Get Compromised? http://www.sans.org/rocky-mountain-2012/ –Looking for training in your own community? http://www.sans.org/community/ Save on On-Demand training (30 full courses) – See samples at http://www.sans.org/ondemand/discounts.php#current Plus Abu Dhabi, Toronto, Brisbane, and Bangalore all in the next 90 days. For a list of all upcoming events, on-line and live: http://www.sans.org/index.php **************************************************************************