day vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Black market for zero day vulnerabilities still thriving

Black market for zero day vulnerabilities still thrivingWhy shouldn't everyone want to make illegal...... the writing and publication of exploits? For any expressed purpose.How long will the idea of goading the software companies prevent people from realizing that the difference between a malign and supposedly useful exploit is the...

Tags: Black Market, day vulnerability, Canadian Law, exploit

Discussion threads 2008-11-03

Black market for zero day vulnerabilities still thriving

One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released flaws. They'd be wrong. The black market for zero day vulnerabilities and the concept of over-the-counter OTC trade of zero day flaws, has been...

Tags: Web, Vulnerability, Web Application, SQL Injection, Exploit, Day Vulnerability, E-shop, Security, Dancho Danchev

Blog posts 2008-11-02

Storm Worm's Independence Day campaign

A Storm Worm's Independence Day campaign is circulating online using email as propagation vector, attempting to trick users into visiting a Storm Worm infected host, where a multitude of what looks like over five different exploits attempt to automatically infect the visitors next to the malware binary fireworks.exe. Historically, Storm...

Tags: Software, Malware, Worm, Exploit, Storm Worm, Day Vulnerability, Cyberthreats, Spyware, Adware & Malware, Viruses And Worms, Security, Dancho Danchev

Blog posts 2008-07-04

Additional Resources

iHacked: jailbroken iPhones compromised, $5 ransom demanded

Yesterday, a "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now!" message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from...

Tags: Apple iPhone, SSH, Smart Phones, Consumer Electronics, Personal Technology, Dancho Danchev

Blog posts 2009-11-03

Analyst: Big on Motorola, Android; no love for RIM, Palm

To Stay in Business,eventually they will turn to Android.The SAME WAY did HTC and MOTOROLA.and IT will not Take Long!RE: Analyst: Big on Motorola, Android; no love for RIM, PalmRIM forever!droid is cool, but read the comments on the original article.this guy is probably waaaay off.IT Analysts are kind of...

Tags: Telecom & Utilities, Investment, Handhelds, droid, IT-Analysts, Motorola Inc., Research In Motion Ltd., Palm Inc., phone, Pre, v60

Discussion threads 2009-11-02

My Top Scary Technology Trends

The Most Terrifying:Google.Kills good companies by handing out "freebies". VERY scary.Machines replacing humansI thought they were tools to enhance our experience on earth.The worst is when customer is an AI telephone. "I'm sorry, could you repeat your last phrase. I did not understand". I thought the buttons were bad enough.RE:...

Tags: cloud computing, Storage management, Google Inc., hardware, virtualization

Discussion threads 2009-10-29

Windows 7 security default worries experts

How many Windows 7 does it take...How many dribble articles about Windows 7 canthere be in one week.I heard Windows 7 is now helping the economy andit has changed global warming to global cooling.So the polar bears are now SAFE!!! Way to go Windows 7 it is like the messiah...

Tags: Operating systems, Ubunutu, Microsoft Windows 7, security, Microsoft Windows, Microsoft Corp., Win7

Discussion threads 2009-10-22

Patch Tuesday: MS plugs critical IE, Windows Media Player holes

Is MS going to pay for my Gb/month overage?With ISPs grasping for profits I see the day when the "download cost" of these mega-patches become an issue!RE: Patch Tuesday: MS plugs critical IE, Windows Media Player holesWow, my Microsoft software is sure to be secure now.GOOD JOB!If only other manufacturers...

Tags: Patches, Microsoft Internet Explorer, media player, patch management, Adobe Systems Inc., Microsoft Corp.

Discussion threads 2009-10-13

Google Chrome update doesn't remove older, vulnerable version

But how would an attacker cause the vulnerable code to execute?Frankly, this seems to be a minor issue. If you are launching Chrome you will launch the latest version. The older version is just cruft. I don't see any scenario where you inadvertently or an attacker can execute the older...

Tags: Microsoft Windows, Web browsers, SECURITY, IE8, Chrome, Google Chrome, Google Inc.

Discussion threads 2009-10-01

RIM plugs BlackBerry phishing hole

Software versionIs there anywhere RIM states the software versions that contain the patch? I used their online tool to check my AT&T Bold and it told me v4.6.0.297 that I installed a month ago was the most current software. UselessI got the same result with my Storm. 1 would think...

Tags: Handhelds, phishing, BlackBerry Device Software Version, BlackBerry Device Software, RIM BlackBerry, Blackberry Device, Research In Motion Ltd.

Discussion threads 2009-09-30

Malware affiliate bounty: Infect a Mac, earn 43 cents

It's just what Apple deserves.Apple has long implied that its OS and software are inherently immune to attack. It's about time it and Mac owners were brought up short.It has begun...Now to see how long it will take before the Mac is as beset by malware as Windows.RE: Malware affiliate...

Tags: Spyware, adware & malware, Cyberthreats, Desktops, Viruses and worms, bounty, Apple Macintosh, malware, Microsoft Windows, security

Discussion threads 2009-09-25

PBS.org hacked, serving malware cocktail

They must be running linux.yes, they are running LinuxSurprise, Linux is not immune...However, to be fair this hack was likely through some application layer vulnerability, not a Linux exploit, unless the admin is really inept. Most likely a SQL injection attack.Linux nor Windows are really hackable when set up as...

Tags: UNIX, Operating systems, OPEN SOURCE, malware, Linux, Foxit Reader, PBS

Discussion threads 2009-09-18

'Anonymous' group attempts DDoS attack against Australian government

Following a threat posted on YouTube a month ago, the the well known malicious pattern of the "Anonymous group" failed to materialize earlier today when the group attempted to launch a distributed denial of service DDoS attack against the web sites of Australia's Prime Minister and the Australian Communications and...

Tags: Government, Crowdsourcing, Distributed Denial Of Service, Security, Dancho Danchev

Blog posts 2009-09-09

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Feel free to delete this Ryan.ThanksIsn't it about time we stop playing nice andfind these people who create such an endless stream of blank and do a bit of Vlad the Impaler on them? Catch em... give them a fair trial (I want to be certain we publicly impale...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Microsoft Corp., SMB2, Microsoft Windows Vista, vulnerability, beta

Discussion threads 2009-09-09

Windows 7, Vista exposed to 'teardrop attack'

Vulnerable by default?[i]Exploit code for a remote reboot flaw in Microsoft's implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95.[/i]I presume this attack is able...

Tags: Firewalls, Network security, SECURITY, NETWORKING, Microsoft Windows Vista, firewall, Network Address Translation, Microsoft Windows, software firewall, Microsoft Windows 7, attack

Discussion threads 2009-09-08

Microsoft patches gaping Windows worm holes

So basically all of them......affecting Vista or 7 require user intervention just like all other modern operating systems these days?OK.RE: Microsoft patches gaping Windows worm holesAll of the bulletins specifically say that Win7 is not affected.Two require no user interaction whatsoever.The first two listed require user interaction only in that...

Tags: Microsoft Windows 7, Microsoft Windows Vista (Longhorn), INTERNET, Patches, UAC, user interaction, OS X., Microsoft Corp., Microsoft Windows Vista, Microsoft Windows, patch management

Discussion threads 2009-09-08

Windows zero-day reported

Oh my god, a piece of software has an error!I think if this can be duplicated (as it seems from the story the 'bug' is inconsistent) the it will be patched. Every software has bugs and few software is more complex than an OS.RE: Windows zero-day reportedWindows needs to be...

Tags: Operating systems, OPEN SOURCE, Microsoft Windows 7, exploit, Microsoft Windows, Linux, window, vulnerability, software, Microsoft Corp., Win 7

Discussion threads 2009-09-08

News to know: E-readers; Web OS and IT; VMware; Cisco

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET’s around-the-Web tech coverage. Dion Hinchcliffe: How the Web OS has begun to reshape IT and business Oliver Marks: Course Credits as a...

Tags: E-reader, Sony Corp., Google Inc., Web, Virtualization, Information Technology, Amazon.com Inc., VMware Inc., Microsoft Corp., Cisco Systems Inc., Camera, E-books, Open Source, Personal Technology, Larry Dignan

Blog posts 2009-09-08

If a flash drive infects a network, who's to blame?

I think the answer could be both are to blame...More more data i could give a clear cut answer such as 1. was there a policy in place that addressed flash drive useage. 2. Did IT limit flash drive useage with admin tools. So who's to blame i cannot say...

Tags: Flash memory, NETWORKING, Wtf, Network Access Control, USB flash drive, network

Discussion threads 2009-09-04

Red Hat: Microsoft taking cloud back to the 80s

Red Hat should feel right at home then because using their software is like using something out of the 80's. I'll prefer a modern company like Microsoft instead of a company based on 30 year old technology such as Red Hat. My theory is that Red Hat is...

Tags: OPEN SOURCE, Microsoft Windows, Operating systems, NT-kernel, Microsoft Corp., Red Hat Inc., Linux, Unix

Discussion threads 2009-09-03