"breaking 104 bit wep in less than 60 seconds", erik tews, ralf-philipp weinmann and andrei pyshkin.
SHA-1 collisions now 2^52. Cameron McDonald, Philip Hawkes and Josef Pieprzyk. "Practical collisions are within resources of a well funded organisation."
Reprinted from: CACM 27/8, pp. 761-763 » .
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.
Bypassing Browser Memory Protections. Setting back browser security by 10 years. Alexander Sotirov, Mark Dowd.
0-Day Patch Exposing Vendors (In)security Performance. Stefan Frei, Bernhard Tellenbach, and Bernhard Plattner.
using cpu system management mode to circumvent operating system security functions. loïc duflot, daniel etiemble, olivier grumelard.