SHA-1 collisions now 2^52. Cameron McDonald, Philip Hawkes and Josef Pieprzyk. "Practical collisions are within resources of a well funded organisation."
Bypassing Browser Memory Protections. Setting back browser security by 10 years. Alexander Sotirov, Mark Dowd.
HITBSecConf2008 Presentation Announcement: Remote Code Execution Through Intel CPU Bugs. Kris Kaspersky.
session papers of the first usenix workshop on large-scale exploits and emergent threats.
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.
Fingerprinting Passports. Henning Richter, Wojciech Mostowski, and Erik Poll.
0-Day Patch Exposing Vendors (In)security Performance. Stefan Frei, Bernhard Tellenbach, and Bernhard Plattner.