exploit Resources

Did you mean exploit (164 results), zero-day bug (51 results), WMF vulnerability (25 results)

ZDNet Dictionary Definition

Exploit: In computer security, an unethical or illegal attack that takes advantage of some vulnerability. See zero-day exploit and PoC exploit.; Full Exploit Definition >>

ZDNet Resources

Foxit PDF Reader being exploited in the wild: Adobe isn't the only PDF software maker facing in-the-wild malware attacks. Just weeks after the availability of patches for critical security flaws in the popular FoxIt Reader, there is word that malicious hackers are already targeting unpatched versions of the software. ...; Tags: Software, Malware, Exploit, Foxit, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Ryan Naraine; Blog posts 2009-03-25
"No more free bugs"? There never were any free bugs: Vulnerability researchers have always extracted value out of their work, even before there was a monetary value placed on exploits. Security researchers at last week's CanSecWest conference dramatically announced their new philosophy that software vulnerabilities should no longer be given away. The movement cites the existence...; Tags: Researcher, Vulnerability, Exploit, Security, Adam O'Donnell; Blog posts 2009-03-24
Nils2Own: 'I want to see security flaws fixed': VANCOUVER, BC -- Charlie Miller may have dominated the headlines but the undisputed champion of this year's CanSecWest Pwn2Own contest was a hitherto unknown hacker who asked to be identified simply as "Nils." A day after his perfect sweep of the breaking into...; Tags: Apple Macintosh, Mozilla Firefox, Vulnerability, Bug, Microsoft Internet Explorer, Web Browser, Exploit, Web Browsers, Apple Mac OS X, Apple Mac OS, Desktops, Operating Systems, Security, Internet, Software, Hardware, Ryan Naraine; Blog posts 2009-03-23
Questions for Pwn2Own hacker Charlie Miller: VANCOUVER, BC -- At the CanSecWest security conference here, I got a chance to sit down with Charlie Miller, the researcher who broke into a fully patched MacBook machine using a Safari code execution vulnerability. We discuss the state of Web browser security, the vulnerability marketplace and...; Tags: Apple Macintosh, Mozilla Firefox, Apple Safari, Vulnerability, Bug, Microsoft Internet Explorer, Google Chrome, Hacker, Exploit, Web Browsers, Security, Internet, Ryan Naraine; Blog posts 2009-03-19
Pwn2Own 2009: Macbook falls in seconds: Pwn2Own 2009: Macbook falls in secondsAgain?Fool me once, shame on you. Fool me, twice shame on me.HAHAHAHAHAHAHAHAHA!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!Plummeting computer sales.Plummeting iPhone sales.Plummeting security.What a fantastic week for anyone not emotionally invested in Apple! :)HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!I had to read it again. OS X fell in SECONDS??!!??!!And Windows 7 is still standing??!!??!!Hmm, in...; Tags: Desktops, Well Windows, Pwn2Own 2009, Apple Inc., security, Apple MacBook, vulnerability; Discussion threads 2009-03-18

Targeted malware attacks exploiting IE7 flaw detected: Researchers at TrendMicro have detected a targeted malware attack exploiting last week's patched critical MS09-002 vulnerability affecting Internet Explorer 7.Ã‚Â Upon opening the spammed Microsoft office document, vulnerable users are automatically forwarded to a Chinese live exploit site which still remains active. The attack has also been...; Tags: Trend Micro Inc., Flaw, Vulnerability, Microsoft Internet Explorer 7, Malware, Hacker, Exploit, Attack, MS09-002, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Dancho Danchev; Blog posts 2009-02-17
Android exploit so dangerous, users warned to avoid phone’s web browser: Android exploit so dangerous, users warned to avoid phone’s web browserAre there any exploits in the wild for this?If not, then use the browser all you want. According to the Apple apologist rules of vulnerabilities, you can use a vulnerable device without a single concern as long as there are...; Tags: Web browsers, Web browser, Apple Inc., phone, exploit; Discussion threads 2009-02-12
Thousands of legitimate sites SQL injected to serve IE exploit: Thousands of legitimate sites SQL injected to serve IE exploitThis is why Firefox + NoScript isn't a magic fixBefore any Firefox zealots start going nuts, Firefox + NoScript is my browser configuration of choice.That being said, people do have to be careful when they use the "Allow " option of...; Tags: Web browsers, SECURITY, Viruses and worms, NoScript, whitelist, Mozilla Firefox, SQL, Microsoft Internet Explorer, attack; Discussion threads 2008-12-17
Thousands of legitimate sites SQL injected to serve IE exploit: Once again confirming the trend of having more legitimate sites serving exploits and malware than purely malicious ones, Chinese hackers have been keeping themselves busy during the last couple of days, launching massive SQL injection attacks affecting over 100,000 web sites. The SQL injection attacks serving the...; Tags: Web, Malware, SQL, Microsoft Internet Explorer, Exploit, Spyware, Adware & Malware, Cyberthreats, Security, Dancho Danchev; Blog posts 2008-12-17
IE 7 users: stop looking at porn now!: Microsoft has reported sightings of exploitation of the recent vulnerability in IE7 on various porn sites. This isn't really bad news, since no one looks at such improper things on the Internet, right? According to an article posted late saturday night on Microsoft's Threat Research Blog,...; Tags: Credit Card, Vulnerability, Microsoft Internet Explorer 7, Data-processing, Microsoft Internet Explorer, Microsoft Corp., Exploit, Web Browsers, Sales Channel, Financial Services, Security, Internet, Sales, Adam O'Donnell; Blog posts 2008-12-15
Internet Explorer users under attack: Internet Explorer users under attackYeahOne more reason I'm a Firefox user.Windows Vista + Mozilla Firefox FTW :DAt least temporarily consider use of an alternate browserOpera, Firefox, Chrome, Safari.RE: Internet Explorer users under attack"exposed to websites containing exploits of this latest vulnerability"What specific web sites? "Free" porn sites, the usual sleezy...; Tags: Web browsers, Web site development, SECURITY, Internet explorer User, attack, Microsoft Internet Explorer; Discussion threads 2008-12-14
IE7 XML parsing zero day exploited in the wild: IE7 XML parsing zero day exploited in the wildThank goodness for Protected ModeFlaws such as this can easily be present in any browser. Good thing that IE on Vista runs in Protected Mode so that the exploit can't do much damage.Not sure if Chrome's security model includes an equivalent...; Tags: Web browsers, Microsoft Internet Explorer 7, Protected Mode, protected mode, exploit, IE7 XML parsing; Discussion threads 2008-12-10
Hackers exploiting (unpatched) IE 7 flaw to launch drive-by attacks: Hackers exploiting unpatched IE 7 flaw to launch drive-by attacksCmon Loverock, Comment On This One!That's right, you selectively avoid stories like this. If it's anti-Linux, you pounce right on it.IE7 is a joke.So this doesn't affect XP SP3 or Vista?[i]The Web attacks, first reported by Bob McMillan, takes aim...; Tags: Web browsers, Microsoft Windows Vista (Longhorn), Microsoft Windows XP Service Pack 2, SECURITY, Microsoft Internet Explorer 7, Microsoft Internet Explorer, Microsoft Windows Vista, Microsoft Windows, exploit, Microsoft Windows XP; Discussion threads 2008-12-09
Cybercriminals release Christmas themed web malware exploitation kit: "Committing cybercrime around the Christmas tree" has always been a tradition for malicious attackers introducing new ways to scam the millions of online shoppers during the holidays. This Christmas isn't going to be an exception, but what has changed compared last couple of years is the tone of the Xmas...; Tags: Web, Infection, Malware, Exploit, Christmas, Web Malware Exploitation Kit, Exploitation Kit, Security, Dancho Danchev; Blog posts 2008-11-24
Black market for zero day vulnerabilities still thriving: Black market for zero day vulnerabilities still thrivingWhy shouldn't everyone want to make illegal...... the writing and publication of exploits? For any expressed purpose.How long will the idea of goading the software companies prevent people from realizing that the difference between a malign and supposedly useful exploit is the...; Tags: Black Market, day vulnerability, Canadian Law, exploit; Discussion threads 2008-11-03
Black market for zero day vulnerabilities still thriving: One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released flaws. They'd be wrong. The black market for zero day vulnerabilities and the concept of over-the-counter OTC trade of zero day flaws, has been...; Tags: Web, Vulnerability, Web Application, SQL Injection, Exploit, Day Vulnerability, E-shop, Security, Dancho Danchev; Blog posts 2008-11-02
Exploit published for Windows worm hole: Exploit published for Windows worm holeThis is no big deal, right?This was patched for OSs that are 7 years old before the exploit was released and the exploit does not work on the latest version that was released nearly 2 years ago. The equivalent would be a worm targeting Panther...; Tags: exploit, worm hole, Microsoft Windows; Discussion threads 2008-10-28
Secunia: popular security suites failing to block exploits: Secunia: popular security suites failing to block exploitsPatch your applications...And don't run your browser with administrative rights (in case you forget to patch those applications, e.g., WinAmp, QuickTime, etc).If you're on Windows XP/2000 or Vista and you've foolishly turned off UAC, you can use this tool:http://www.download.com/RemoveAdmin/3000-2381_4-10824971.html?tag=lst-1&cdlPid=10835515Thing is, RemoveAdmin is a...; Tags: Microsoft Windows, Secunia, popular security suite, exploit, security suite, Kaspersky, security; Discussion threads 2008-10-14
Secunia: popular security suites failing to block exploits: In a recently conducted comparative review, Danish security company Secunia, tested the detection rate of 12 different Internet Security Suites against 300 exploits (144 malicious files and 156 malicious web pages) affecting popular end user applications, to find that even the top performer in the test is in fact performing...; Tags: Web, Malware, Exploit, Secunia, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Dancho Danchev; Blog posts 2008-10-14
Clickjacking: Researchers raise alert for scary new cross-browser exploit: Clickjacking: Researchers raise alert for scary new cross-browser exploitText or graphicremember there use to be a link on web pages if you wanted text only or graphics.that should be put back in placein the wild?"Zero-day" means that the exploit was being used in the wild before a patch was released...; Tags: Web site development, Web browsers, exploit writer, Clickjacking, exploit; Discussion threads 2008-09-25