attack flaw

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Apple patches Black Hat SMS attack flaw

Apple patches Black Hat SMS attack flawStrangeThis is the first time I have seen Apple coming out with a patch so quickly after the report.RE: Apple patches Black Hat SMS attack flawI hope that patch would be free of charge...

Tags: Text messaging/SMS/MMS, Telephony, Cellular phones, Apple patches Black Hat SMS attack flaw, Apple patches Black Hat SMS, attack flaw, Apple Inc., SMS

Discussion threads 2009-08-03

Why did Microsoft wait 7 years to fix SMBRelay attack flaw?

Why did Microsoft wait 7 years to fix SMBRelay attack flaw?Sour over mis-predicting the patches this month?First off, does anyone proof-read these posts? Multiple typos/grammatical errors make it look like this was rushed out... Anyway.Mentioning the token-kidnapping issue makes me wonder if Ryan is sour that his patch prediction (on...

Tags: SECURITY, Patches, Viruses and worms, anti-MS people, NTLMv2, Admin Access, Microsoft Corp., vulnerability, SMBRelay, SMBRelay attack flaw, Ryan, attack flaw

Discussion threads 2008-11-12

Additional Resources

Microsoft bracing for malware attacks from embedded fonts

Not too worried here......Been using group policy for a long time with font downloads always being disabled for all users on my network. I am patching no doubt, but much less concerned knowing I have always had this blocked. I'm coveredno windoze , no threat.Again with the fear...

Tags: Microsoft Windows 7, Microsoft Windows Vista (Longhorn), Operating systems, font, Microsoft Windows, malware attack, Microsoft Windows XP, Microsoft Windows Vista, malware, Windows7, Microsoft Corp.

Discussion threads 2009-11-12

Hundreds of Facebook groups hijacked

Facebook groups are under attack. But the attackers say they come in peace and insist they want only to highlight a flaw in the way Facebook handles group administration. Facebook groups are under attack. But the attackers say they come in peace and insist they want only to highlight...

Tags: Facebook, Workforce Management, Human Resources, Facbook, attack, security, Don Reisinger CNET News

News items 2009-11-10

Source code for ikee iPhone worm in the wild

iPhone is officially the most malware ridden mobile platform in the worldAnd since the "bad guys" always go after low hanging fruit, that [b]proves[/b] that iPhone is the [b]least[/b] secure mobile platform in the world. Buy an iPhone if you want to be infected [b]within seconds[/b] by malware [b]that requires...

Tags: Smart phones, Cyberthreats, Apple iPhone, jailbreak, Apple Inc.

Discussion threads 2009-11-10

Windows 7's default UAC bypassed by 8 out of 10 malware samples

RE: Windows 7's default UAC bypassed by 8 out of 10 malware samplesyawnWho can I trust *now*....Even Ed Bott said '7' was more secure!The Windows Infect Season is not over yet.. Nothing's changed.... That people even USE Windows these days is quite remarkable.... It must be the power of habit...

Tags: Spyware, adware & malware, Cyberthreats, Viruses and worms, SECURITY, Operating systems, Microsoft Windows, malware, UAC, Microsoft Windows 7

Discussion threads 2009-11-05

Zero-day flaw found in web encryption

Bad oneBecause the bug is actually in the spec and because of an incomplete spec there is no obvious solution which will not risk breaking a lot of software.On the positive side, the vuln can only be exploited by someone on the network path (it is a man-in-the-middle attack), which...

Tags: NETWORKING, SECURITY, Web, zero-day bug

Discussion threads 2009-11-05

New LoroBot ransomware encrypts files, demands $100 for decryption

You forgot to mention....which OSs it affects! Or is it based on something multi-platform like Java?Look at the bigger size version of the screenshot, it's all in thereA lot of russian characters and...YES, you guessed it right, the word "windows" prominently displayed in red in the title.Who would ever thought...

Tags: Spyware, adware & malware, Cyberthreats, LoroBot, decryption, malware

Discussion threads 2009-10-27

Snowe and enemies push health reform forward

Of course . . ."But the story is not yet told, and the trolls below will have their day."Of course. Your way is so right and everybody else is so wrong.at this point If they SO against the health reform let them have it there way since they...

Tags: Vertical industries, Benefits, HEALTHCARE, health care

Discussion threads 2009-10-14

News to know: Oracle; Sidekick; Win7 party; Google; Yahoo Hack day

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Jason Hiner: Ellison rips IBM, shows off Sun-Oracle benchmarks, offers $10M prize Scott McNealy names Sun's top 10 tech...

Tags: Google Inc., Larry Dignan, Oracle Corp., Information Technology, Yahoo! Inc., Dana Blankenhorn, Ryan Naraine, Sam Diaz, Microsoft Windows 7, Microsoft Windows, Federal Government, Internet, Strategy, Operating Systems, Software, Government, Management

Blog posts 2009-10-12

New Adobe PDF flaw under attack; Patch coming Tuesday

Note to all Knuckleheads....The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIXWhy announce at all? Just fix the thingI'm getting really tired of any company that gives the ostensibly obligatory "We're on that!" and then it's some time before the fix comes. These...

Tags: Operating systems, SECURITY, Microsoft Windows, Windows IS, Adobe PDF flaw, flaw, Adobe PDF, operating system, Adobe Systems Inc., attack

Discussion threads 2009-10-09

New Adobe PDF flaw under attack; Patch coming Tuesday

Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers. by Ryan Naraine

Tags: Adobe PDF, Flaw, Attack, Security, Ryan Naraine

Blog posts 2009-10-09

News to know: IDF; Skype; New neutrality; HP; Palm; Madoff

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. John Morris: Intel: 32nm is just the beginning Sam Diaz: Intel on laptop chips: Speed kills Mary Jo...

Tags: Larry Dignan, Richard Koman, Hewlett-Packard Co., Twitter Inc., Palm Inc., Andrew Nusca, Skype Technologies S.A., Laptop Computer, Intel Corp., Netbooks, Nettops & MIDs, Microsoft Windows, Notebooks, Hardware, Operating Systems, Software, Notebooks & Tablets, Sam Diaz

Blog posts 2009-09-24

From Gimmiv to Conficker: The lucrative MS08-067 flaw

Danger Will Robinson, Danger.[i]By December 2009, a second variant appeared with new propagation techniques ? spreading via removable and mapped drives, and network shares with weak passwords. This updated worm also started blocking access to anti-virus and security-related sites.[/i]You either have a typo or a time machine. December...

Tags: Linux, PRODUCTIVITY, Microsoft Windows, Patches, Common-sense, Microsoft Corp., financial danger, computer

Discussion threads 2009-09-23

News to know: Apple; AT&T; Google Books; Palm Pixi; Verizon; Best Buy-Microsoft

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Sam Diaz: Live blog from Apple's "It's only Rock n Roll" event Apple afterthoughts: The real news is what...

Tags: Google Inc., Larry Dignan, Apple iPod, Palm Inc., Verizon Communications Inc., Andrew Nusca, Mary Jo Foley, AT&T Corp., Apple Inc., Microsoft Corp., Sam Diaz, Linux, Digital Music, Digital Media, Government, Operating Systems, Software, Personal Technology, Consumer Electronics

Blog posts 2009-09-10

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Microsoft has issued a formal security advisory to confirm the remote reboot flaw in its implementation of the SMB2 protocol, going a step further to warn that a successful attack could lead to remote code execution and full system takeover. by Ryan Naraine

Tags: Vulnerability, Execution, Microsoft Corp., Security, Ryan Naraine

Blog posts 2009-09-09

Windows 7, Vista exposed to 'teardrop attack'

Vulnerable by default?[i]Exploit code for a remote reboot flaw in Microsoft's implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95.[/i]I presume this attack is able...

Tags: Firewalls, Network security, SECURITY, NETWORKING, Microsoft Windows Vista, firewall, Network Address Translation, Microsoft Windows, software firewall, Microsoft Windows 7, attack

Discussion threads 2009-09-08

Windows 7, Vista exposed to 'teardrop attack'

Exploit code for a remote reboot flaw in Microsoft's implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to teardrop attacks. by Ryan Naraine

Tags: Microsoft Windows Vista, Attack, Microsoft Windows 7, Microsoft Windows, Microsoft Windows Vista (Longhorn), Security, Operating Systems, Software, Ryan Naraine

Blog posts 2009-09-08

Virtualization: a good idea but still some growing pains to consider

It's a solution in search of a problemHow on earth is virtualization going to reduce complexity? The only way to reduce complexity is to use *one* platform of course.[Repeat]How on earth is virtualization going to increase security? The holes in windows will still be there, won't they?This shouldn't sell.Show me...

Tags: cloud computing, Storage management, Utility computing, Servers, virtualization, server, security, VMware Inc.

Discussion threads 2009-09-02

Microsoft confirms IIS zero-day flaw; Exploit code published

Can I summarize?First you need to not only install IIS, you also need to install the FTP functionality in IIS. Got it.[i]Also, remember that only servers that allow untrusted users to log on and create arbitrary directories are vulnerable.[/i]Then you have to configure your FTP server to allow anyone to...

Tags: SECURITY, zero-day bug, Microsoft Corp., Microsoft IIS Server, exploit code

Discussion threads 2009-09-01