dennis fisher

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Google Chrome, the security tidbits

The oft-rumored Google browser is real. It's called Google Chrome and it comes with a handful of security-related features like privacy mode and blacklist-based blocking of phishing and malware sites. [ PREVIOUSLY: Google hires browser hacking guru ] A beta version of the...

Tags: Google Inc., Web Browser, Dennis Fisher, Web Browsers, Phishing, Cyberthreats, Security, Viruses And Worms, Internet, Spam And Phishing, Ryan Naraine

Blog posts 2008-09-01

Additional Resources

Fawning over Chatter and how SAP missed its chance

Ever since Salesforce.com announced Chatter, there's been a rising crescendo of what I can only describe as fawning and uncritical waffle. It's worrying. As I've said before, Chatter is ESME with a few bells and whistles. Yet here we have everyone from Scoble...

Tags: Salesforce.com Inc., SAP AG, ESME, Scoble, Sales Force Management, Sales, Dennis Howlett

Blog posts 2009-11-23

Podcast: Inside the OWA attacks, Patch Tuesday wrap-up

In this podcast with Threatpost co-editor Dennis Fisher, I discuss the recent Outlook Web Access phishing attacks, the Microsoft/Adobe patchapalooza and the true extent of the botnet/malware epidemic.  Listen here. by Ryan Naraine

Tags: Attack, Microsoft Outlook Web Access, Microsoft Outlook, Podcasts, Phishing, Microsoft Office, Office Suites, Software, Internet, Security, Spam And Phishing, Ryan Naraine

Blog posts 2009-10-16

Black Hat recap podcast: SSL, SMS, BIOS rootkits

In this podcast, I chat with Threatpost.com co-editor Dennis Fisher about the big news coming out of the Black Hat security conference.  We discuss the attacks using SMS and MMS, rootkits in keyboards and BIOSes, vulnerabilities in SSL and the response from vendors to these problems. Listen here [mp3]. by...

Tags: Black Hat, SSL, SMS, Rootkits, BIOS, Text Messaging/SMS/MMS, Podcasts, Ssl/Tls, Authentication/Encryption, Telephony, Cellular Phones, Network Security, Security, Spyware, Adware & Malware, Hardware, Components, Consumer Electronics, Personal Technology, Online Communications, Internet, Networking, Ryan Naraine

Blog posts 2009-08-03

Mac OS X vulnerable to 6-month old Java flaw

Attention Mac OS X users:  Turn Java off immediately or you could be at high risk of malicious code execution attacks. Tired of waiting for a patch from Apple for a Java flaw that was fixed upstream six months ago, Mac developer Landon Fuller (of Month of...

Tags: Malicious Code, Apple Macintosh, Java Applet, Flaw, Vulnerability, Apple Inc., Applet, Landon Fuller, CVE-2008-5353, Apple Mac OS X, Apple Mac OS, Java, Programming Languages, Operating Systems, Security, Software, Software Development, Software/Web Development, Ryan Naraine

Blog posts 2009-05-20

Microsoft tackles patch management metrics with Project Quant

In partnership with security analyst Rich Mogull right, Microsoft is set to roll out a new research project to help businesses compute the total cost of the patch-management cycle, from testing and distributing a fix to user deployment of the patch. According to this Dennis Fisher report...

Tags: Patch Management, Microsoft Corp., Patches, Ryan Naraine

Blog posts 2009-04-15

Microsoft adds 'Skywing' to Windows defense team

Ken 'Skywing' Johnson, a well-known hacker famous for his work on bypassing several Windows anti-exploitation mechanisms, has joined the software maker to help make it harder to compromise the operating system. Johnson, who teamed up with another recent Microsoft hire -- Matt 'Skape' Miller -- on several...

Tags: Team, Microsoft Corp., Defense, Shostack, Microsoft Windows, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2009-03-25

Researchers demo BIOS attack that survives hard-disk wipe

A pair of Argentinian researchers have found a way to perform a BIOS level malware attack capable of surviving even a hard-disk wipe. The researchers -- Alfredo Ortega and Anibal Sacco from Core Security Technologies -- used the stage at last week's CanSecWest conference to demonstrate methods...

Tags: Hard Drive, Researcher, Attack, BIOS, Rootkits, Security, Hardware, Components, Spyware, Adware & Malware, Ryan Naraine

Blog posts 2009-03-23

Threatpost launches as best practice for enterprise IT and social media

While social media represented measurable success for many consumer-focused companies, there is still a lot of learning to be done in terms of how enterprise technology-focused companies leverage social media. And while many are having luck using collaboration tools or even white label social networks for improving internal communications or...

Tags: Brand, Kaspersky Lab, Information Technology, Social Media, Site, Best Practice, Threatpost, Naraine, Kaspersky Team, Drawas, Branding, Security, Marketing, Jennifer Leggio

Blog posts 2009-03-20

Window Snyder leaves Mozilla

Mozilla security chief Window Snyder is leaving the open-source group. Snyder, who joined Mozilla after stints at Microsoft and Matasano Security, announced her exit on the Mozilla security blog today. Snyder writes: I will be leaving Mozilla at the end of the year. ...

Tags: Window, Mozilla Corp., Window Snyder, Security, Ryan Naraine

Blog posts 2008-12-10

Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks out

Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks outNicely doneI appreciate that you took the time to speak with the researcher who actually discovered the flaws.There are a couple of bloggers on ZDNET who always seem slant their "blogs" with grandiose claims against one platform or technology.I think...

Tags: Microsoft Windows Vista (Longhorn), Blogging, Black Hat, Microsoft Windows Vista, Alexander Sotirov, Microsoft Corp., security

Discussion threads 2008-08-11

Marc Benioff on AIR (and Flex plus Flash)

Yesterday, Adobe hosted Engage an invitation only event at which it showcased some of the cool things developers are doing with Flex, Flash and AIR. Robert Scoble was there with his N95 and a Qik account, filming the entire day. Despite it being a closed event, Adobe made no effort...

Tags: Salesforce.com Inc., Marc Benioff, Adobe AIR, Sales Force Management, Sales, Dennis Howlett

Blog posts 2008-02-26

Hacker movements: Murphy joins Apple; Caceres to Matasano

LAS VEGAS - On the heels of Google's hire of browser hacking whiz Michal Zalewski comes news that another well-known vulnerability researcher is moving over to the vendor side.Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product...

Tags: Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-08-01

Defeating UAC with a two-stage malware attack

An independent security researcher has released details on a two-stage malware attack against Windows Vista to show how easy it is for non-privileged code to replace shortcuts on the Start Menu and intercept UAC User Account Control privilege elevation prompts.Rob Paveza's proof-of-concept (.pdf) uses a regular Trojan horse program as...

Tags: Exploit code, Digital rights management, Data theft, Browsers, Botnets, Hackers, Metasploit, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Symantec, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-05-16