carpet bomb

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Security researcher keeps "Carpet Bomb" attack alive, despite patch

Security researcher keeps "Carpet Bomb" attack alive, despite patchYesIt def. still works, albeit not in exactly the same way. I can't comment more until Rios has released details.-NateIs the attack really still "alive" ?Re-read BK's blog:"... Safari’s behavior affected more than just IE. In fact, I’ve discovered a way...

Tags: Web browsers, Cyberthreats, Spyware, adware & malware, Apple Safari, carpet bomb, bomb, security

Discussion threads 2008-06-21

Additional Resources

Social networks change how we understand Sotomayor nomination

Social networks change how we understand Sotomayor nominationImagine if it were a white male ...nominee who ever said "white males can form better judgment than minority females". What would happen? Well, you bet the main stream media would carpet bomb him. They'd nuke the guy to oblivion for saying it.But...

Tags: Sotomayor, social networking, network

Discussion threads 2009-07-13

Apple is recession proof

Apple is recession proofBig mistake:Stock market performance is not an indicator of anything but investor sentiment. Apple's bottom line is better now with the stock at 120 than it was when the stock was at 200.I doubt that Apple, or any technology company, will get through this recession unscathed.Unemployment...

Tags: Investment, Apple Inc., recession, stock, recession proof

Discussion threads 2009-04-13

Web 2.0 Expo: Top ten Web hacking techniques

A large portion of the Web 2.0 Expo attendees are focused on content. They want to create better, more engaging content for social media programs and Web engagement with their customers. But the Web and application developers behind this content need to know how to secure it. This is what...

Tags: Technique, Web, Web 2.0, Hacking, Attacker, Attack, Clickjacking, Channel Management, Security, Marketing, Jennifer Leggio

Blog posts 2009-04-01

I am Linux (and so can you!)

If you watch TV, you're likely to see tons of Windows ads and Apple's "I'm a Mac" ads, but where are the Linux ads? There have been a few TV ad campaigns featuring Linux (thanks IBM!) but overall, Linux is absent from the airwaves. The Linux Foundation wants to do...

Tags: Advertisement, Video, Linux Foundation, Linux, UNIX, Operating Systems, Open Source, Software, Joe Brockmeier

Blog posts 2009-01-27

Google Chrome vulnerable to carpet-bombing flaw

Google Chrome vulnerable to carpet-bombing flawjust proves that no software can ever be without any flawsntmore typical ZDnet FUDChrome prevents access to user folders including the desktop using permissions. R-E-A-S-E-A-R-C-HRE: Google Chrome vulnerable to carpet-bombing flaw"Raff’s code shows how a malicious hacker can use a clever social engineering lure...

Tags: Microsoft Windows, Web browsers, SECURITY, Google Chrome, Google Inc., carpet-bombing flaw, flaw

Discussion threads 2008-09-02

A look at the recent Firefox 3 vulnerability

True to form, Billy Rios promised a more in depth look at the MSFA2008-35 vulnerability which is another protocol handler flaw in Firefox 3.  As previously reported here, this was another protocol handler flaw that led to arbitrary remote command execution, and is especially dangerous since it can be deployed...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, Apple Safari, Vulnerability, Protocol Handler, Firefox3, Security Decision, Web Browsers, Security, Internet, Nathan McFeters

Blog posts 2008-07-22

2008 Pwnie Award nominees announced

2008 Pwnie Award nominees announcedNot bad butI have to give Lamest Vendor Response to Apple for the Safari carpet bomb flaw.Ok, Nate, so here's a solution to your QuickTime problemDon't run your browser with administrative credentials... yeah, yeah you're going to counter with something that is probably mostly FUD based....

Tags: Digital music, SECURITY, Operating systems, Nate, Pwnie Award

Discussion threads 2008-07-21

2008 Pwnie Award nominees announced

Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.  From the site: The final list of nominees for the nine Pwnie Award categories is ...

Tags: Attack, Flaw, Lifelock, Nathan McFeters, Nominee, Security, Vulnerability, XSS, XSS Flaw

Blog posts 2008-07-21

News to Know: Googlenomics; Windows Mobile 7 phones; Broadband hell

Notable headlines: Ryan Naraine: Free Sourcefire tool pinpoints hostile MS Office files Apple security team finds code execution holes in Ruby Google using invalid security certificate Dancho Danchev: Phishers targeting Facebook users, fake logins...

Tags: Security, Google Inc., Phone, Hewlett-Packard Co., Microsoft Windows Mobile, Information Technology, Broadband, Microsoft Corp., Service-Oriented Architecture (SOA), Microsoft Windows, Data Centers, Virtualization, Telecom & Utilities, Web Services, Enterprise Software, Software, Operating Systems, Storage, Hardware, Data Management, David Grober

Blog posts 2008-06-23

Researcher keeps 'carpet bomb' attack alive, despite patch

Security research Billy Rios posted an article today about the Apple Safari "Carpet Bomb" attack, discussing a new issue that, despite the patch which prevented a "blended" remote command execution attack when Safari was used in conjunction with IE on a Windows system, keeps the "Carpet Bomb" attack alive and well. ...

Tags: Software, Apple Safari, Apple Inc., Ecosystem, Attack, Billy Rios, Security, Nathan McFeters

Blog posts 2008-06-21

Proof of Concept "carpet bombing" exploit released in the wild

In what appears to be an attempt to provoke Apple to reconsider its currently passive position on the severity of the dubbed as "carpet bomb" flaw, a working Proof of Concept exploit code has been released at Liu Die Yu's security blog : Nitesh Dhanjani discovered that Safari for...

Tags: Desktop, Apple Safari, Vulnerability, Microsoft Internet Explorer, Liu, Microsoft Windows, Web Browsers, Operating Systems, Security, Software, Internet, Dancho Danchev

Blog posts 2008-06-11

TSA is failing us, let my associated ranting begin thusly

TSA is failing us, let my associated ranting begin thuslyHand Sanitizer Bombinterestingly enough, it's probably completely possible to build a bomb out of a can of hand sanitizer and a lighter. well... maybe not a bomb persee... but enough of a distraction i'm sure.i know i'm not giving away...

Tags: Transportation Security Administration, F'ing

Discussion threads 2008-06-09

OpenSUSE 11 RC1: The Mercedes-Benz to Ubuntu’s Volkswagen

2008 will be a very good vintage for community end-user Linux distributions. So far, we've seen the release of Ubuntu 8.04, which is universally considered to be  a major milestone release in usability and device compatibility, and one of the easiest distros to install. While not as widely lauded, we...

Tags: Ubuntu, Novell Inc., Fedora Project, Novell OpenSuse, Volkswagen AG, GNOME, Software Update Utility, Linux, Open Source, UNIX, Operating Systems, Software, Jason Perlow

Blog posts 2008-06-03

Microsoft issues Safari-to-IE blended threat warning

Microsoft has issued a formal security advisory with a confirmation of public warnings that the Safari "carpet bombing" vulnerability presents a remote code execution threat on all supported editions of Windows XP and Windows Vista. The pre-patch advisory from Redmond follows public pressure from the Google-backed StopBadware.org...

Tags: Apple Safari, Microsoft Corp., Microsoft Windows, Web Browsers, Operating Systems, Security, Software, Internet, Ryan Naraine

Blog posts 2008-05-30

Why Apple must fix Safari 'carpet bombing' flaw immediately

Apple makes a big deal -- and lots of funny commercials -- around the security profile of its products.  On the Safari download site,  the boast is that users get "worry-free Web browsing on any computer" because, in Cupertino's words, "Apple engineers designed Safari to be secure from day one."...

Tags: Apple Safari, Vulnerability, Apple Inc., Flaw, Desktops, Microsoft Windows, Security, Hardware, Operating Systems, Software, Ryan Naraine

Blog posts 2008-05-29

News to know: Hactivists; XO-2 laptop; HP; Virtualization

Notable headlines: Dancho Danchev: Pro-Serbian hacktivists attacking Albanian web sites Over 1.5 million pages affected by the recent SQL injection attacks DoS Attacks Using SQL Wildcards Revealed Ryan Naraine: Secunia finds 'highly critical' Foxit Reader Flaw Are you wary of...

Tags: Larry Dignan, Hewlett-Packard Co., Virtualization, Network, Microsoft Corp., Twitter, Laptop Computer, One Laptop Per Child Project, Sales Strategy, Ultramobile PCs (UMPCs), Microsoft Windows Vista (Longhorn), Sales Force Management, Sales, Tablets, Hardware, Notebooks & Tablets, Emerging Technologies, Operating Systems, Microsoft Windows, Software

Blog posts 2008-05-21

Apple under pressure to fix Safari 'carpet bomb' flaw

Apple under pressure to fix Safari 'carpet bomb' flawThe problem with this one isIt's too easy. Anyone can read the PoC and figure out how to conduct a full blown attack quite simply. If you fit the pieces together, it's directly attackable.-NateRE: Apple under pressure to fix Safari...

Tags: Apple Inc., Apple Safari, flaw, Microsoft Corp., security

Discussion threads 2008-05-20

Apple under pressure to fix Safari 'carpet bomb' flaw

The Google-backed StopBadware.org coalition has called on Apple to rethink its stance on whether the Safari "carpet bomb" issue reported by Nitesh Dhanjani constitutes a serious security risk. Dhanjani originally discovered than it is possible for a booby-trapped Web site to litter the user's Desktop Windows or...

Tags: Apple Safari, Apple Inc., Flaw, Google-backed StopBadware.org Coalition, Security, Spyware, Adware & Malware, Instant Messaging, Cyberthreats, Internet, Online Communications, Ryan Naraine

Blog posts 2008-05-20

News to know: XP meets XO; Yahoo; Facebook; Verdiem; DIY phishing

Notable headlines: Mary Jo Foley: It's finally official: XP is coming to the XO. Christopher Dawson: Sugar-free Windows, as predicted Microsoft cuts backup from Windows Home Server PowerPack Larry Dignan: Icahn launches Yahoo proxy fight; Mark Cuban's return?...

Tags: Facebook, Larry Dignan, Microsoft Windows XP, Yahoo! Inc., Privacy, TechMeme, Icahn, Phishing, Service-Oriented Architecture (SOA), Cyberthreats, Spam, Security, Viruses And Worms, Spam And Phishing, Web Services, Enterprise Software, Software

Blog posts 2008-05-16