Nice reads
- DEP and ASLR explained: On the effectiveness of DEP and ASLR
http://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx - An incident …: The Week to Top All Weeks
http://isc.sans.edu/diary.html?storyid=10078 - Malware analyzed: Man-In-The-Browser: The power of JavaScript at the example of Carberp
http://trustdefender.com/trustdefender-labs-blog-man-in-the-browser-the-power-of-javascript-at-the-example-of-carberp.html