attack vector

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

WordPress shuts door on new PHP attack vector

WordPress shuts door on new PHP attack vectorHopefully this fixes the the problems we've seen with hacked WP sitesLast spring I discovered that one of our public blogsite servers was under attack by hundreds of compromised WordPress servers. While our security layers have learned to detect and deflect these...

Tags: Scripting languages, Wordpress, new PHP attack vector, PHP attack vector, attack vector, PHP

Discussion threads 2008-09-09

WordPress shuts door on new PHP attack vector

The WordPress patching hamster wheel keeps on rolling and rolling. According to an advisory from maintainers of the open-source blog software, WordPress 2.6.2 was released on September 8 to mitigate a new attack vector discovered by PHP security guru Stefan Esser. From the announcement:...

Tags: Password, PHP, Attack Vector, Wordpress, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2008-09-08

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms race

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms raceSounds like the Human component is still neededWith Enterprise 2.0 we seem to want to take the human element out of the picture as much as possible, but at the same time, when we have...

Tags: Web site development, Web technology, malware, Websense Inc., Web site, attack vector

Discussion threads 2008-02-19

Websense CEO Gene Hodges on attack vectors, the future of AV and the malware arms race

Gene Hodges, CEO of Websense, has had a busy year. The company has integrated the acquisition of SurfControl, built out its security suite and delivered strong financial results. "Last year was one of rapid change," said Hodges, referring to the integration of SurfControl and removing 50 percent...

Tags: Software, Web, Suite, Antivirus, Websense Inc., Malware, Antivirus Software, Attack Vector, Attack, Data Loss Prevention, Europeans, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Larry Dignan

Blog posts 2008-02-19

Microsoft privacy guru's site hacked

Microsoft privacy guru's site hackedROTFLMAO !!!This one was priceless . How can Microsoft's Security Guru site get hacked ? Oh my all the MS fanboys claim that Microsoft products are so secure . "In a world without walls and fences , who needs windows and gates."How can this be? It...

Tags: Web servers, Linux, Operating systems, UNIX, OPEN SOURCE, Construction, America Online Inc., Microsoft privacy guru, Microsoft Privacy, Microsoft Corp., operating system, attack vector

Discussion threads 2007-10-29

IE users beware: RealPlayer zero-day flaw under attack

IE users beware: RealPlayer zero-day flaw under attackWait a minute!According to what I've read from the Microsoft drones, IE is supposed to be "operating in a sand box".How is it possible to be attacked by a flaw while it's "in a sand box"? (unless it's a sand booger, of course)But...

Tags: Web browsers, Apple Mac OS X, Operating systems, sentance, Leopard, ActiveX, Microsoft Corp., Microsoft Internet Explorer, RealNetworks RealPlayer, Linux, attack vector, Apple Macintosh

Discussion threads 2007-10-19

Firefox ships 'fix' for QuickTime attack vector

Firefox ships 'fix' for QuickTime attack vectorThe patch to the patch of the patch that Apple failed to patch[i]Apple also attempted a fix for this issue in February 2007[/i]Doesn't Apple test anything it releases? Typical Apple quality.snicker, smirk :)Is this a Quicktime bug?Or another example of the Microsoft Windows URI...

Tags: Digital music, Web browsers, Digital media, Apple QuickTime, Mozilla Firefox, QuickTime attack vector, Apple Inc., attack vector

Discussion threads 2007-09-18

QuickTime-Java 'attack vector' reported: now can affect all browsers

QuickTime-Java 'attack vector' reported: now can affect all browsersAbbreviationsYour use of "QT" for "QuickTime" is confusing, since the Safari browser is based on the QT cross-platform library from TrollTech.It's not Qt...that Safari uses. Specifically, Safari uses the KHTML rendering engine used in Konqueror.

Tags: Web browsers, Apple Safari, QuickTime-Java, attack vector, Web browser

Discussion threads 2007-04-25

Additional Resources

News to know: Apple and anti-virus; Vista SP2; Kumo; Palm; Linux

Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Christopher Dawson: Just what does it take to switch to desktop Linux (part 2)? Ryan Naraine: Apple: Mac users should run multiple anti-virus Breaking...

Tags: Apple iPhone, Nokia Corp., Antivirus, Service Pack 2, Palm Inc., Microsoft Windows Vista, Apple Inc., SOA, Microsoft Corp., Linux, Service-Oriented Architecture (SOA), Microsoft Windows XP Service Pack 2, Open Source, UNIX, Operating Systems, Security, Viruses And Worms, Software, Web Services, Enterprise Software, Larry Dignan

Blog posts 2008-12-02

Breaking the zero-day habit

* Ryan Naraine is traveling. Guest editorial by Mike Rothman Given that this blog is called "Zero Day," I think it's fitting that I'm calling for most security professionals to ignore most of what comes out of the security research community. To be...

Tags: Security Professional, Risks, Security, Ryan Naraine

Blog posts 2008-12-02

AlertPay hit by a large scale DDoS attack

Timing is everything. Millions of account holders at privately owned online payment gateway AlertPay.com weren't able to do business through the service yesterday, due to the fact that AlertPay was under a large scale DDoS attack, according to a notice left by a company representative. Seven hours of downtime right...

Tags: Distributed Denial Of Service, AlertPay, Security, Dancho Danchev

Blog posts 2008-12-01

Is there no end to the AutoRun madness?

* Ryan Naraine is traveling. Guest editorial by Roel Schouwenberg Let's skip any introduction and get straight to the point: We're currently facing a problem of epidemic proportions in malware that is spreading via removable devices. The U.S. army's recent...

Tags: Floppy Disk, Malware, Microsoft Corp., USB, Virus, AutoRun, Cyberthreats, Spyware, Adware & Malware, Microsoft Windows, Viruses And Worms, Security, Operating Systems, Software, Ryan Naraine

Blog posts 2008-12-01

News to know: Mumbai attacks, Microhoo, Holiday shopping, HDTVs

Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Jennifer Leggio: Mumbai attack coverage demonstrates good and bad maturation point of social media Social media marketing opportunism during tragedy = fail Oliver Marks: Mumbai Attacks...

Tags: Yahoo! Inc., HDTV, Apple Inc., Microsoft Corp., Attack, Digital Video, Web Site Development, Web Technology, Cyberthreats, Spyware, Adware & Malware, Open Source, Personal Technology, Internet, Security, Sam Diaz

Blog posts 2008-12-01

Just what does it take to switch to desktop Linux (part 1)?

Last week, when I asked "Are you sure you don't just want to use Ubuntu?" I received a record number of talkbacks, good, bad, and in between. One of the more interesting, though, came from reader ksheppard, who responded with a challenge: ...Here's a challenge to you: Make...

Tags: Budgeting, Superintendent, Desktop Linux, Microsoft Windows, Linux, Desktops, Operating Systems, Software, Hardware, Christopher Dawson

Blog posts 2008-11-30

Virus hits nearly 75% of systems on Afghanistan military base

Earlier this month we saw the military ban the use of USB drives and other removable media. Apparently the virus outbreak that lead to this measure affected 75% of all systems at the largest U.S. military base in Afghanistan. Details are still sparse, but both the...

Tags: Virus, Military, Details, Cyberthreats, Biotechnology, Security, Viruses And Worms, Adam O\'Donnell

Blog posts 2008-11-29

Mumbai attack coverage demonstrates (good and bad) maturation point of social media

We have individuals running amok with information and we have no way of knowing if what is reported via social media is true. And in situations like the response to the Mumbai attacks, this presents bona fide danger. by Jennifer Leggio

Tags: Mumbai, Social Media, Twitter, Jennifer Leggio

Blog posts 2008-11-28

Web 2.0 security? What a mash

* Ryan Naraine is away on vacation. Guest editorial by Guillaume Lovet Ah, Web 2.0. Its endless composition of heterogeneous sources (aka "mash-up") possibilities, its social networking-oriented nature, its user-provided content... A Web adapted to today's powerful machines, linking people together in world...

Tags: Google Inc., Web, Facebook, Codec, YouTube Inc., Video, Web 2.0, Corporate Communications, Channel Management, Security, Internet, Marketing, Ryan Naraine

Blog posts 2008-11-24

Gmail exploit lets attackers forward your email to them

Philipp Lenssen spotted a post by Brandon at GeekCondition that explains the general idea behind an attack that can be used to set up filters in your Gmail account without your knowledge. It's important to be aware of these kind of things so you can better protect yourself. ...

Tags: Google Gmail, Attacker, E-mail, Cookie, E-mail Providers, Cloud Computing, Internet, Garett Rogers

Blog posts 2008-11-23

News to know: Dell; Army bans USB drives; Salesforce; Microsoft

Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Larry Dignan: Cost cutting pays off for Dell; IT spending, demand 'challenging' Sam Diaz: Salesforce bucks trend for Q3; shares rising. Unsealed court filing: HP's Hurd...

Tags: Salesforce.com Inc., Larry Dignan, Dell Computer Corp., Microsoft Corp., USB Flash Drive, Internet, Open Source

Blog posts 2008-11-21

iPhone vs. Android development: Day 4

It's day 4 of a 5-day course on iPhone programming. As before I'll be sharing my observations from the classroom on how development on the iPhone compares to Android development. The class is presented by Joe Conway from Big Nerd Ranch. [Read: Day 1, Day 2, Day...

Tags: Apple iPhone, Animation, Camera, View, View Transitions, Core Graphics, Android API, Ed Burnette

Blog posts 2008-11-20