attack vector

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Microsoft ships fixes for Excel, WordPad malware attacks

Microsoft's April batch of security patches are out:  8 bulletins with patches for at least 20 documented vulnerabilities. The most serious of the flaws could lead to remote code execution attacks that give a malicious hacker complete ownership of a vulnerable machine.  This month's fixes cover several...

Tags: Vulnerability, Malware, Microsoft Internet Explorer, Microsoft Corp., Attack Vector, Microsoft Excel, Attack, Security, Ryan Naraine

Blog posts 2009-04-14

AVG: Protecting Your Computer From Tomorrow's Threats Today

Security used to be a straightforward matter. E-mail was the primary attack vector and simply installing an anti-virus product and exercising caution when opening attachments mitigated the majority of threats. When a system did become infected, the consequences were not usually particularly dire; inconvenience and data loss were the most...

Tags: Antivirus, Threat, Attack Vector, Computer, AVG Technologies, Security, Viruses And Worms

White papers 2009-04-02

WordPress shuts door on new PHP attack vector

WordPress shuts door on new PHP attack vectorHopefully this fixes the the problems we've seen with hacked WP sitesLast spring I discovered that one of our public blogsite servers was under attack by hundreds of compromised WordPress servers. While our security layers have learned to detect and deflect these...

Tags: Scripting languages, Wordpress, new PHP attack vector, PHP attack vector, attack vector, PHP

Discussion threads 2008-09-09

WordPress shuts door on new PHP attack vector

The WordPress patching hamster wheel keeps on rolling and rolling. According to an advisory from maintainers of the open-source blog software, WordPress 2.6.2 was released on September 8 to mitigate a new attack vector discovered by PHP security guru Stefan Esser. From the announcement:...

Tags: Password, PHP, Attack Vector, Wordpress, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2008-09-08

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms race

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms raceSounds like the Human component is still neededWith Enterprise 2.0 we seem to want to take the human element out of the picture as much as possible, but at the same time, when we have...

Tags: Web site development, Web technology, malware, Websense Inc., Web site, attack vector

Discussion threads 2008-02-19

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms race

Gene Hodges, CEO of Websense, has had a busy year. The company has integrated the acquisition of SurfControl, built out its security suite and delivered strong financial results. "Last year was one of rapid change," said Hodges, referring to the integration of SurfControl and removing 50 percent...

Tags: Software, Web, Suite, Antivirus, Websense Inc., Malware, Antivirus Software, Attack Vector, Attack, Data Loss Prevention, Europeans, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Larry Dignan

Blog posts 2008-02-19

Microsoft privacy guru's site hacked

Microsoft privacy guru's site hackedROTFLMAO !!!This one was priceless . How can Microsoft's Security Guru site get hacked ? Oh my all the MS fanboys claim that Microsoft products are so secure . "In a world without walls and fences , who needs windows and gates."How can this be? It...

Tags: Web servers, Linux, Operating systems, UNIX, OPEN SOURCE, Construction, America Online Inc., Microsoft privacy guru, Microsoft Privacy, Microsoft Corp., operating system, attack vector

Discussion threads 2007-10-29

IE users beware: RealPlayer zero-day flaw under attack

IE users beware: RealPlayer zero-day flaw under attackWait a minute!According to what I've read from the Microsoft drones, IE is supposed to be "operating in a sand box".How is it possible to be attacked by a flaw while it's "in a sand box"? (unless it's a sand booger, of course)But...

Tags: Web browsers, Apple Mac OS X, Operating systems, sentance, Leopard, ActiveX, Microsoft Corp., Microsoft Internet Explorer, RealNetworks RealPlayer, Linux, attack vector, Apple Macintosh

Discussion threads 2007-10-19

Firefox ships 'fix' for QuickTime attack vector

Firefox ships 'fix' for QuickTime attack vectorThe patch to the patch of the patch that Apple failed to patch[i]Apple also attempted a fix for this issue in February 2007[/i]Doesn't Apple test anything it releases? Typical Apple quality.snicker, smirk :)Is this a Quicktime bug?Or another example of the Microsoft Windows URI...

Tags: Digital music, Web browsers, Digital media, Apple QuickTime, Mozilla Firefox, QuickTime attack vector, Apple Inc., attack vector

Discussion threads 2007-09-18

QuickTime-Java 'attack vector' reported: now can affect all browsers

QuickTime-Java 'attack vector' reported: now can affect all browsersAbbreviationsYour use of "QT" for "QuickTime" is confusing, since the Safari browser is based on the QT cross-platform library from TrollTech.It's not Qt...that Safari uses. Specifically, Safari uses the KHTML rendering engine used in Konqueror.

Tags: Web browsers, Apple Safari, QuickTime-Java, attack vector, Web browser

Discussion threads 2007-04-25

Additional Resources

Less than 24-hours on and a potential Windows 7 Achilles' heel surfaces

3 Words for you...Windows Live Essentials...Saves on bloat?It was nothing to do with that. Microsoft have said that they unbundled a lot of things from the OS build as it allowed for easier and more frequent updates.Good point.I use Hotmail but also use Live Mail on my own machines as...

Tags: Microsoft Outlook, Operating systems, Groupware, E-mail providers, e-mail, Microsoft Windows, Windows Mail, Microsoft Corp., Microsoft Windows 7

Discussion threads 2009-10-23

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Another "researcher" makes a name for himself.So, just why was it necessary for for this Bozo to actually "create and release the code" for the exploit? Let me guess. His company makes money by hyping up the level of fear. See their web page where they say...

Tags: Firewalls, SECURITY, Network security, Patches, Microsoft Windows, Windows SMB2, attack, firewall, antivirus

Discussion threads 2009-09-29

Apple up to its old tricks, pushing unwanted software onto PCs

I've experienced exactly what Ed described.I get it every time iTunes is updated.No. A PC running Windows XP.I need iTunes for my iPhone.Hmmm ...Hmmm, I've had several APPL updates come in on several systems, and I've not seen that ... odd. Tried replicating on another system?I've even checked for .........

Tags: Digital music, Digital media, software, Apple iTunes, Apple Inc., iTunes 9, old trick, Apple iPhone, PC

Discussion threads 2009-09-27

Microsoft plays the security card in response to Google's Chrome Frame

"Latest" phishing/malware data from NSS Labsapplies to Chrome 2. The most current Chrome is 3.0.195.21. I'm not surprised Microsoft mentions it though; they need to say something. Concering Chrome running inside IE..Yea I think they do, sort of. Correct me if I'm wrong but in Vista and beyond that plugin...

Tags: Web browsers, Microsoft Internet Explorer, plug-in, Microsoft Corp., Google Inc., security, security card, Chrome, Microsoft Internet Explorer 6, Google Chrome

Discussion threads 2009-09-24

Hijacking Windows System Restore for cybercrime profits

welp.... they are finally getting a taste of their own crap.I wonder what they are doing. We use steadystate on all of our machines. Reboot the machine and everything is restored.Maybe they should move from a PC based environment to a terminal server like system. Each reboot...

Tags: Terminal services, system restore, Hijacking Windows System Restore, cybercrime profit, SteadyState, operating system, terminal server, security

Discussion threads 2009-09-23

Why open source remains an ideological divide

Oh that was superb.Open Source.Stand for something! :)you are ideological from the startIf you want to remove ideology from the equation your clearly state your needs - functionnal, commercial and technical support ... etc, and compare available solutions.Price might be a key factor and it might not; availability of srouce...

Tags: Tools & Techniques, OSS, open source

Discussion threads 2009-09-07

Apple confirms malware protection in Snow Leopard

They say Americans don't understand ironyNo irony there, Jason. Any degree of immunity that OS X has to malware is exactly because of such measures.I am gonna love.....to see the people make excuses for the reason for this. You can't say one thing and then do another in the...

Tags: Cyberthreats, Spyware, adware & malware, Viruses and worms, SECURITY, Spyware, Pwn2Own, virus, malware, trojan horse, Apple Inc.

Discussion threads 2009-08-27

Firewire-Based Physical Security Attacks on Windows 7, EFS and BitLocker

This paper discusses Firewire-based physical security attacks on Microsoft Windows 7. In the course of research, it was successfully able to bypass the Windows 7 RTM authentication check and logon with any password. While the attack vector itself is not new, also it describes the impact of Firewire-based Windows authentication...

Tags: Physical Security, BitLocker, Attack, Microsoft Windows 7, FireWire, Microsoft Windows, Consumer Electronics, Personal Technology, Operating Systems, Software

White papers 2009-08-13

Twitter knocked offline by DDoS attack; Koobface returns with a twist

Popular microblogging service Twitter was knocked offline for an extended period this morning by what appears to be a massive distributed denial-of-service attacks. Twitter confirmed the outage was linked to malicious attackers in a brief status message posted around 11:00 a.m EST. We are...

Tags: Ryan Naraine

Blog posts 2009-08-06

Hacker demos persistent Mac keyboard attack

Hacker demos persistent Mac keyboard attackHa ha, hah ah ahahahhah... Mac Security.God... is Apple still running smug "we are so secure" commercials?Doesn't this require physical access to the keyboard?In order to embed a firmware into the keyboard, wouldn't one need physical access to that keyboard? Or are we...

Tags: Keyboards, Physical Access, Apple Macintosh, keyboard, firmware

Discussion threads 2009-08-03