SECURITY

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

OS SECURITY scorecard for Q1 08 - Do patch numbers mean anything to anyone?

Jeff Jones, director of security strategy for Microsoft, has published two papers this week which look at OS vulnerabilities. According to Jones, Windows sees fewer patches than any of the other operating systems looked at. If you're in the mood for a read, here are the papers:...

Tags: Security, Operating System, Patch Management, Patches, Microsoft Windows, Operating Systems, Software, Adrian Kingsley-Hughes

Blog posts 2008-05-15

DIY phishing kits introducing new features

What are some of the main factors for the increase of phishing attacks, and their maturity from passive emails to blended threats attempting to not just steal personal information, but also infect with malware by embedding client-side vulnerabilities at the pages? It's all a matter of perspective, which in this...

Tags: Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Dancho Danchev

Blog posts 2008-05-15

Safari "Carpet Bomb" attack information released

Nitesh Dhanjani released information about some of his newest research on the Safari web browser this morning, and interestingly enough, Apple has decided NOT to fix some of the issues he presented. Dhanjani reported three issues, as follows below from his blog: 1. Safari Carpet Bomb.It...

Tags: HTML, Apple Safari, Apple Inc., Issue, Safari Carpet Bomb.It, Security, Nathan McFeters

Blog posts 2008-05-15

Virtualization and SECURITY

It's easy to spot market trends when many vendors call to schedule meetings and all of them want to speak about the same topic. The topic du mois is security in virtualized environments. Some of the suppliers are taking a very broad view of both security and virtualized environments. Others...

Tags: Network, Environment, Virtual Machine, Virtual Machine Software, Virtualization, Security, Hardware, Dan Kusnetzky

Blog posts 2008-05-15

News to know: Comcast-Plaxo; Icahn-Yahoo; Linux; Microsoft

Notable headlines: Larry Dignan: Comcast buys Plaxo: Will social networking and TV fly? Dennis Howlett: Comcast scoops up Plaxo: good move Dan Farber: Comcast goes social with Plaxo acquisition Techmeme EIC podcast: HP-EDS; Google; SaaS Adrian...

Tags: Plaxo Inc., Google Inc., Larry Dignan, Comcast Corp., Workday, Microsoft Corp., Zoho, Linux, Microsoft Windows, Desktops, Rootkits, Microsoft Windows Vista (Longhorn), Operating Systems, UNIX, Software, Hardware, Security, Spyware, Adware & Malware

Blog posts 2008-05-15

RQ SpamFinish (zip)

RQ SpamFinish allows you delete spam automatically or manually before download it to your computer. This Anti spam tool based on black and white-list and compare the messages fields [From], [To] and [Subject] with this lists. If message contain text from blacklist and not contain text from whitelist, it can...

Tags: Message, MiraSoftware, RQ SpamFinish, Spam, Productivity, Cyberthreats, Viruses And Worms, Security, Spam And Phishing

Software downloads 2008-05-15

With the Quickness: HD Moore sets new land speed record with exploitation of Debian/Ubuntu OpenSSL flaw

So, for those who haven't heard, a Debian packager modified the source used for OpenSSL on Debian based systems Debian and the whole of the Ubuntu family to remove the seed used for PRNG Pseudo Random Number Generator used when creating SSL keys.  Well, HD Moore set a new record...

Tags: OpenSSL, SSH, Debian, Key, Flaw, HD, ID, Ssl/Tls, Operating Systems, Open Source, Security, Software, Nathan McFeters

Blog posts 2008-05-14

SECURITY Researcher to release Cisco rootkit at EUSecWest

According to good friend Robert McMillan of IDG News, Sebastian Muniz, a researcher with Core Security Technologies, has developed malicious rootkit software for Cisco's routers, which he will release on May 22 at the EuSecWest conference in London.  This will mark the first time at least publicly that someone has released a...

Tags: Black Hat, Cisco IOS, Router, Cisco Systems Inc., Robert McMillan, Rootkits, Security, Spyware, Adware & Malware, Nathan McFeters

Blog posts 2008-05-14

Spam king, phishing buddy hit for $200m

Spam king Sanford Wallace and phishing buddy Walter Rines hijacked some 300,000 MySpace accounts and sent hundreds of thousands of spam messages and comments across the service. They got their punishment today: a whopping $225 million judgment in favor of MySpace, Information Week reports. "By using hijacked...

Tags: MySpace, Phishing, Spam, Cyberthreats, Viruses And Worms, Security, Spam And Phishing, Richard Koman

Blog posts 2008-05-14

Content Protection madness on Vista

[UPDATE: For more on this issue, check out this post.] I'm a firm believer in the idea that if you pay for hardware, you should be able to make full use of it. However, DRM and content protection mechanisms are increasingly making this difficult for people. ...

Tags: Screen, Microsoft Windows Vista, Cintiq, DVD, Consumer Electronics, Microsoft Windows Vista (Longhorn), Digital Rights Management (DRM), Personal Technology, Home Entertainment, Operating Systems, Microsoft Windows, Software, Security, Adrian Kingsley-Hughes

Blog posts 2008-05-14

MySpace's big spam win: Will it really be a deterrent?

MySpace won statutory damages of more than $230 million against spammers Stanford Wallace and Walter Rines, but the big question is whether this ruling--delivered in the Federal District Court in Los Angeles--will act as a deterrent. To be sure, MySpace's win see court order PDF has some...

Tags: MySpace, Stanford Wallace, User Engagement, Cyberthreats, Spam, Phishing, Viruses And Worms, Security, Spam And Phishing, Larry Dignan

Blog posts 2008-05-14

Veil (exe)

Have you ever thought that you can hide a file or a folder behind another file? If you have thought about it before but you don't know how to work that up, Veil will do the job for you. Veil not just only hide your file or folder, it also...

Tags: File, HideIT, Recruitment & Selection, Security, Human Resources, Workforce Management

Software downloads 2008-05-14

Simple Cafe (zip)

Coin controlled cyber cafe software, SimpleCafe is a complete content filter and security system preventing access to the operating system and coin controlled environment, SimpleCafe can be used with most browsers but is optimize for Internet Explorer 7 to act as content filtering for open access systems or in the...

Tags: CyberD, Content Management, Internet, Web Browsers, Security, Enterprise Software, Software

Software downloads 2008-05-14

Attack of Xolotl (zip)

Xolotl is attacking your people with meteors and lightings, you must throw away the meteors and shield your people from the lightings as long as possible. Upload your high score to the online high score list when you lose. This version is the first release on CNET Download.com.

Tags: Score, Attack, Venus Duel Productions, Xolotl, Security

Software downloads 2008-05-14

RAT Rescue Center (zip)

RAT Rescue Center is a generic tool aimed to provide all features needed to analyze and remove most malwares from computers operating the Windows systems. This software includes all the tools that a professional security expert will need to analyze, then remove trojans from Windows computers. Includes Advanced System Restrictions...

Tags: Tool, Computer, Alex Movsessian, RAT Rescue Center, Microsoft Windows, Productivity, Spyware, Adware & Malware, ActiveX/COM/COM+/DCOM, Operating Systems, Security, Viruses And Worms, Software, Software Development, Software/Web Development

Software downloads 2008-05-14

Task Manager Viewer (zip)

In some computers infected with viruses note disappearance TaskManger, so this software will Force TaskManager to appear, you test display and hide your task manger without risk, this software is developed by Delphi6. This version is the first release on CNET Download.com.

Tags: Software, Disappearance, Mihoubi Yacine Informatics, Tools & Techniques, Cyberthreats, Productivity, Management, Security

Software downloads 2008-05-14

Craigslist fires back at eBay; Bogus Google ads to Kijiji alleged

Craigslist has filed its response to eBay's lawsuit and the company hits back--hard. Craigslist alleges that eBay participated in everything from "unlawful and unfair competition," false advertising, business interference and even phishing attacks. The official list via Craigslist: "We filed a complaint in California today, charging...

Tags: Google Inc., Craigslist, Advertisement, eBay Inc., Phishing, Cyberthreats, Security, Spam And Phishing, Larry Dignan

Blog posts 2008-05-13

Details, details, details... more on the Microsoft flaws from today

Thought I'd explore some of these bugs a bit more... first, Tipping Point released one of the vulnerabilities that Larry reported earlier, listed as a stack overflow issue in Microsoft Office Jet Database Engine.  The stack overflow isn't what's interesting, what's interesting is the attack vector itself.  To be fair to...

Tags: Vulnerability, Microsoft Corp., Database Engine, iDefense, Flaw, Exploitation, Microsoft Word, Word Processors, CSS, Microsoft Office, Security, Databases, Office Suites, Software, Scripting Languages, Software/Web Development, Web Development, Enterprise Software, Data Management, Nathan McFeters

Blog posts 2008-05-13

McAfee isn't "McAfee Secure" or "Hacker Safe"

McAfee isn't "McAfee Secure" or "Hacker Safe"McAfee not a security companyI've been saying this for a while, albeit mostly regarding Symantec. This still applies to McAfee, though: An antivirus company, does not a security company make.Though still an unpopular idea, the concept of antivirus does not comply with standard, universal...

Tags: McAfee Inc., security company, security

Discussion threads 2008-05-13

Microsoft plugs Office leaks; Delivers 4 critical patches

Microsoft on Tuesday delivered four critical patches for vulnerabilities Office and Windows XP. There were six patches delivered. Here's a look by the CVE: CVE-2008-1091: Microsoft patched an object parsing vulnerability in Microsoft Word. Affected software includes Office 2000, 2003 and 2007. Microsoft explains:...

Tags: Microsoft Word, Attacker, Microsoft Office, Vulnerability, Patch Management, Microsoft Corp., Zero Day Initiative, Security, Larry Dignan

Blog posts 2008-05-13