Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- Researchers exploit SSL and domain flaws
- Researchers exploit SSL and domain flawsI read in an article earlier that read Dan Kaminsky's website hacked.It was an interesting read earlier this morning, 5 A.M. July 29, 2009 3:13 PM PDTSecurity experts' sites hacked on eve of Black Hat conferenceby Elinor Millshttp://news.cnet.com/8301-27080_3-10299126-245.htmlVeriSign Responds to Black HatTim Callan, vice president...
- Tags: SSL/TLS, Authentication/Encryption, Network security, SECURITY, domain flaw, SSL, Black Hat
- Discussion threads 2009-07-30
- Microsoft joins 'patch DNS now' chant; Apple patch missing
- On the heels of the release of weaponized exploit code for the DNS cache poisoning vulnerability, Microsoft has joined the chorus of security pros pleading with DNS server providers to immediately apply patches to protect users from malicious attacks. The Redmond, Wash. security...
- Tags: Apple Macintosh, DNS, Vulnerability, Apple Inc., Exploit Code, Microsoft Corp., Attack, Dan Kaminsky, Domain Names, Apple Mac OS X, Networking, Security, Internet, Operating Systems, Software, Apple Mac OS, Ryan Naraine
- Blog posts 2008-07-25
- Vulnerability disclosure gone awry: Understanding the DNS debacle
- On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky with the help of Black Hat conference organizers invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday." "A synchronized...
- Tags: Black Hat, DNS, Conference, Dan Kaminsky, Thomas Ptacek, Domain Names, Patches, Security, Networking, Internet, Ryan Naraine
- Blog posts 2008-07-22
- Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08
- Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08What should users of the DNS checking tool expect to see?Can you document that a bit more?RE: Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details atYour name server, at 10.1.1.1, appears vulnerable to DNS Cache Poisoning.All...
- Tags: Domain names, NETWORKING, DNS, multi-vendor patch, Dan Kaminsky, patch, Black Hat
- Discussion threads 2008-07-08
Additional Resources
- Mozilla patches 'critical' Firefox flaws
- Mozilla patches 'critical' Firefox flawsNever ending critical flawsIsn't it obvious now that HTML / JAVASCRIPT was so badly designed that these flaws are inevitable? WEB needs a new markup standard, and it'd better not be HTML-oriented regardless how these W3C guys insist they can get it right.RE: Mozilla patches 'critical'...
- Tags: Web browsers, Patches, SECURITY, Mozilla Firefox, Mozilla Corp., flaw, Firefox 3.5, patch management
- Discussion threads 2009-08-03
- Mozilla patches 'critical' Firefox flaws
- Mozilla has released two advisories to patch serious security flaws in its flagship Firefox Web browser. The vulnerabilities are rated "critical," meaning they can be exploited by malicious hackers to run harmful code and install software, requiring no user interaction beyond normal browsing.  ...
- Tags: Mozilla Firefox, Flaw, Vulnerability, Patch Management, SSL, Web Browser, Mozilla Corp., Certificate, Ssl/Tls, Web Browsers, Authentication/Encryption, Network Security, Security, Internet, Networking, Ryan Naraine
- Blog posts 2009-08-03
- A Good Year for Security Collaboration
- Guest Editorial by George Stathakopoulos It seems like just yesterday when I was at Black Hat. Now as I get ready to fly to Las Vegas again, I look forward to seeing a lot of security researchers, hearing their latest exploits and how they fared over the...
- Tags: Microsoft Corp., Conficker Working Group, Security, Ryan Naraine
- Blog posts 2009-07-27
- Enterprises thrown a lifeline as Conficker worm looms
- There has been a big break in the Conficker worm that threatens to activate and cause a lot of havoc on April 1: German researchers at the Honeynet Project have been able to fingerprint the malware on infected networks. Ryan Naraine has the details: Just days...
- Tags: Network, Honeynet Project, Worm, Conficker, Network Scanner, Scanners, Cyberthreats, Viruses And Worms, Security, Hardware, Peripherals, Larry Dignan
- Blog posts 2009-03-30
- German researchers score Conficker detection breakthrough
- German researchers score Conficker detection breakthroughI think they meant March 30"The Honeynet Project has released proof of concept scanner and, later today (April 30th)..."Link for nmap would be appreciatedI've been looking for instructions or a plugin for nmap and haven't found anything but others looking for the same thing. A...
- Tags: PRODUCTIVITY, SECURITY, Patches, Cyberthreats, Conficker, detection breakthrough, Conficker detection breakthrough
- Discussion threads 2009-03-30
- German researchers score Conficker detection breakthrough
- Just days ahead of an April 1st activation date for the Conficker worm squirming through the Windows operating system, security researchers at the Honeynet Project have scored a major breakthrough, finding a way to fingerprint the malware on infected networks. Now, with the help of Dan Kaminsky...
- Tags: Researcher, Network, Honeynet Project, Malware, Conficker, Conficker Malware, Scanners, Cyberthreats, Spyware, Adware & Malware, Viruses And Worms, Security, Hardware, Peripherals, Ryan Naraine
- Blog posts 2009-03-30
- SSL broken! Hackers create rogue CA certificate using MD5 collisions
- SSL broken! Hackers create rogue CA certificate using MD5 collisionsAt least they're talking to the vendors first.Now if only the CAs will get off their butts and implement some changes...RE: SSL broken! Hackers create rogue CA certificate using MD5 collisionsпиздёж ёбана, автору фапать 25 разRE: SSL broken! Hackers create rogue...
- Tags: SSL/TLS, Authentication/Encryption, Network security, SECURITY, MD5, Computer Associates International Inc., SSL, collision
- Discussion threads 2008-12-30
- SSL broken! Hackers create rogue CA certificate using MD5 collisions
- Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority CA, a breakthrough...
- Tags: Certification Authority, SSL, Web Browser, Computer Associates International Inc., Certificate, Hacker, MD5, Web Browsers, Internet, Ryan Naraine
- Blog posts 2008-12-30
- Breaking the zero-day habit
- * Ryan Naraine is traveling. Guest editorial by Mike Rothman Given that this blog is called "Zero Day," I think it's fitting that I'm calling for most security professionals to ignore most of what comes out of the security research community. To be...
- Tags: Security Professional, Risks, Security, Ryan Naraine
- Blog posts 2008-12-02
- Debate around 'partial disclosure' heats up
- There are many ways of telling the world about a security vulnerability. A vulnerability can be announced without telling the vendor, it can be announced after giving the vendor a period of time to fix the issue, or it may just be circulated amongst the underground without ever coming...
- Tags: Disclosure, Researcher, Vulnerability, Security, Adam O'Donnell
- Blog posts 2008-10-13
- The depressing future of the Internet
- A brief overview of how the Internet came about: some years ago, some military boffs thought it'd be awesome if computers could talk to each other, so the US could nuke the hell out of other countries without actually being near there. A smart professor from England then came up...
- Tags: Security, IPv6, Computer, Flaw, IPv6 Adoption, Internet, Zack Whittaker
- Blog posts 2008-08-28
- Whoââ¬â¢s Dumber: Bad Guys ââ¬Â¦ Or Good Guys?
- In the old cowboy movies, the black hats were villains that created mayhem, until the white hats came along and ended their reigns of fear. Now, we have the spectacle of good guys seemingly educating the bad guys on how to exploit flaws or processes of the Internet, that...
- Tags: Hat, Flaw, Internet, Social Security, BGP, Operational Accounting, Government, Networking, Finance, Tom Steinert-Threlkeld
- Blog posts 2008-08-27
- MBTA published checksum info in court filings
- MBTA published checksum info in court filingsWho is MBTA?Admittedly, I could probably look it up, but it really should be one of the first things you mention in your article.The important question is TRO, not PROThe spectre of a permanent restraining order is a red herring. The immediate harm...
- Tags: SECURITY, MBTA, TRO, court filing, filing
- Discussion threads 2008-08-14
- Measuring (not so) recent BIND nameserver patching
- Guest editorial by Derek Callaway This post is meant to provide an approximation of BIND nameserver updates that occurred during the past month, most likely in response to Dan Kaminsky's DNS cache poisoning vulnerability. I conducted this research because I was curious as to how widely BIND...
- Tags: Vulnerability, BIND, Domain, Dinosaur, Domain Names, Internet, Ryan Naraine
- Blog posts 2008-08-14
- Black Hat Las Vegas Day 1
- Well, this is well late, but here's my recap of Black Hat Day 1. Sorry for the delay, but I've been terribly busy finishing up preparations for my Day 2 talk. The first talk I went to see, "Pointers and Handles, A Story of Unchecked Assumptions...
- Tags: Billy Rios, Black Hat, Cyberthreats, Nathan McFeters, Phishing, Security, Spam, Spam And Phishing, Viruses And Worms
- Blog posts 2008-08-08
- Expert: SOA vulnerable to DNS security flaw, too
- This just in from the Black Hat security confab currently taking place in Las Vegas: Dan Kaminsky, a well-known IT security researcher, disclosed his findings around the Domain Name Server flaw or DNS cache poisoning vulnerability, and where it can bite. Tim Wilson of Dark Reading reported on Kaminsky's presentation,...
- Tags: security, dns, server, soa, flaw, domain names, service-oriented architecture (soa), networking, internet, web services, enterprise software, software, joe mckendrick
- Blog posts 2008-08-06
- << Previous
- page 1 of 1
- Next >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
White Papers and Webcasts
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
