Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- Samba dinged by 'highly critical' flaw
- Researchers at Secunia have flagged a "highly critical" vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing. According to an advisory from Secunia, the vulnerability affects Samba versions 3.0.28a and 3.0.29 and can be exploited by malicious people to compromise a vulnerable...
- Tags: Samba, Small And Medium Business, Flaw, Exploitation, Smb/Sme, Servers, Security, Hardware, Ryan Naraine
- Blog posts 2008-05-28
- Secunia finds 'highly critical' Foxit Reader Flaw
- Add the popular Foxit Reader to the list of desktop software applications to be patched as a matter of priority. According to vulnerability research outfit Secunia, there's a "highly critical" vulnerability in the alternative PDF reader software that can be exploited by malicious hackers to take complete...
- Tags: Software, Desktop, Vulnerability, Secunia, Flaw, Exploitation, Tools & Techniques, Patches, Security, Management, Ryan Naraine
- Blog posts 2008-05-20
- Details, details, details... more on the Microsoft flaws from today
- Thought I'd explore some of these bugs a bit more... first, Tipping Point released one of the vulnerabilities that Larry reported earlier, listed as a stack overflow issue in Microsoft Office Jet Database Engine. The stack overflow isn't what's interesting, what's interesting is the attack vector itself. To be fair to...
- Tags: Vulnerability, Microsoft Corp., Database Engine, iDefense, Flaw, Exploitation, Microsoft Word, Word Processors, CSS, Microsoft Office, Security, Databases, Office Suites, Software, Scripting Languages, Software/Web Development, Web Development, Enterprise Software, Data Management, Nathan McFeters
- Blog posts 2008-05-13
- Hacking NASA: One small step for man, one giant leap for hackers?
- The CORE Security Team released an advisory to the Full-Disclosure mailing list today that documented a stack overflow in NASA's Common Data Format libs. Looking at this bug, the tech details aren't overwhelming, I think I'm mostly excited about it due to the high profile of hacking NASA libs. One...
- Tags: NASA, Vulnerability, Hacker, Exploitation, Common Data Format 3.2.1, Security, Patches, Hacking, Nathan McFeters
- Blog posts 2008-05-05
- ActiveX woes bite CA BrightStor
- Another day another ActiveX problem. This time an ActiveX vulnerability in CA BrightStor ARCServe Backup could be exploited to compromise a user's system. A Secunia alert rates the vulnerability "highly critical." Here are the details: Krystian Kloskowski has reported a vulnerability in CA BrightStor ARCserve Backup,...
- Tags: Vulnerability, Computer Associates International Inc., ActiveX, CA BrightStor, Exploitation, ActiveX/COM/COM+/DCOM, Storage Management, It Management, Security, Software Development, Software/Web Development, Storage, Hardware, It service Management, Larry Dignan
- Blog posts 2008-03-17
- Exploitation is Still Possible as Third-Parties Neglect to Implement Vista Security Features
- Exploitation is Still Possible as Third-Parties Neglect to Implement Vista Security Features"Exploitation is Still Possible...""What’s really important to gather from all of this, is that while Windows has made major improvements to it’s security..."itsObsessive-compuslsive or not, it's "its".--GlennRE: Exploitation is Still Possible as Third-Parties Neglect to Implement Vista Security FeaturesVista...
- Tags: Operating systems, UNIX, Third-Party Vendor, Exploitation, Problem Here, Still Possible, Third-Parties Neglect, Implement Vista Security Features, Implement Vista, security, Microsoft Corp., exploitation
- Discussion threads 2008-03-03
- Exploitation is Still Possible as Third-Parties Neglect to Implement Vista Security Features
- Consider this, Microsoft spends huge amounts of dollars and manpower creating protections for the Vista operating system, yet we still have old school vulnerabilities. Why? The answer is simple really, third-party created code is not stepping up and taking advantage of these powerful protection mechanisms. I'm not...
- Tags: Security, Microsoft Windows Vista, Data Execution Prevention, Exploitation, Address Space Layout Randomization, Nathan McFeters
- Blog posts 2008-03-02
- QuickTime zero-day attacks intercepted
- Researchers at Symantec have intercepted two different in-the-wild malware attacks targeting an unpatched code execution vulnerability in Apple's QuickTime media player. Honeypots in Symantec's DeepSight Threat Management System captured the first known case of exploit exploitation of the flaw on December 1st, 2007. The company has since...
- Tags: Apple QuickTime, Vulnerability, Malware, Zero-day Bug, Attack, Exploitation, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Ryan Naraine
- Blog posts 2007-12-03
- IE users beware: RealPlayer zero-day flaw under attack
- See updates below with confirmation from RealNetworks and plans for an emergency RealPlayer patch Hackers are actively exploiting a zero-day hole in RealNetworks' RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. The in-the-wild attacks, which began...
- Tags: Attacker, Victim, Microsoft Internet Explorer, RealNetworks RealPlayer, Attack, Flaw, Exploitation, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Ryan Naraine
- Blog posts 2007-10-19
- Zero-day flaws surface in AOL, Yahoo IM products
- Zero-day vulnerabilities in two popular instant messaging products could put millions of computer users at risk of malicious hacker attacks. Exploit code has been released for the more serious of the two flaws -- a gaping hole in Yahoo Messenger -- that could expose users to code...
- Tags: Yahoo IM, AOL Instant Messenger, America Online Inc., IM, Yahoo! Inc., User, Secunia, Flaw, Exploitation, Instant Messaging, Security, Internet, Online Communications, Ryan Naraine
- Blog posts 2007-09-19
- ActiveX flaws haunt QuickBooks Online
- The U.S. Computer Emergency Readiness Team (US-CERT) is warning about multiple code execution holes affecting users of Intuit QuickBooks Online Edition. The vulnerabilities, rated "highly critical" by Secunia, can be exploited by a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. ...
- Tags: Intuit Inc., Intuit QuickBooks, ActiveX, Flaw, Exploitation, Ryan Naraine
- Blog posts 2007-09-05
- Trend Micro, Zone Labs, ClamAV join list of insecure security products
- Add Trend Micro, Check Point Zone Labs and ClamAV to the long list of security products that put end users at risk of malicious hacker attacks.The three vendors have all acknowledged various security vulnerabilities in a range of desktop and server products that could lead to arbitrary code execution, privilege...
- Tags: Security, Check Point Software Technologies Ltd., Trend Micro Inc., Zone Labs Inc., Ryan Naraine
- Blog posts 2007-08-22
- Zero-day RPC flaw in Microsoft DNS
- Zero-day RPC flaw in Microsoft DNSMissing some good details..Last time I checked there was a zero day section...guess you guys are competing or something. Regardless, thanks for the heads up, but you did not post any details besides what is vulnerable. [b]"A vulnerability has been reported in Microsoft Windows, which...
- Tags: Domain names, Microsoft Windows, NETWORKING, SECURITY, exploitation, DNS, Microsoft Corp., Zero-day RPC, Microsoft DNS, flaw, vulnerability
- Discussion threads 2007-04-13
- Michael Dell pushes governments to invest in IT
- Michael Dell pushes governments to invest in ITGovernments should investto: See that all of their people have food.See that all of their people have proper housing.See that their people have proper medical care.See that their people are free to worship or not worship as they please.See that ALL their people...
- Tags: Vertical industries, Exploitation, Big Brother, government, Dell Computer Corp., IT IS, information technology
- Discussion threads 2006-05-04
- What's the next security threat?
- What's the next security threat?The next security threat is:"WINDOZE"Oh, wait, WINDOZE has been a security threat for 20 years. OK, the next security threat is Vista - another MICROSUCKS abortion.The next security threat has a name and it isVista.... it's not out yet so we are still secure until it...
- Tags: Web browsers, exploitation, security threat, Mozilla Firefox, security, JavaScript
- Discussion threads 2006-04-17
- Open-source companies see profit aplenty
- Open-source companies see profit aplentySee....1.Make/develope/update free software.2.Sell support or a commercial license depending on the vendor3.Profit. The only thing that i would say they need to do is make sure their commercial license is extremely compeditive. or else... So long and thanks for all the code.Interesting article......doesn't say whether RedHat...
- Tags: Tools & Techniques, GPL, software, exploitation, open source, Even Microsoft
- Discussion threads 2004-05-19
Additional Resources
- Gaping holes in RealPlayer patched
- Digital media delivery firm RealNetworks has shipped a high-prority patch to cover four gaping holes in its flagship RealPlayer software, warning that the vulnerabilities could put users at risk of code execution attacks. The patch comes a few hours after Secunia released an advisory warning for one...
- Tags: Vulnerability, RealNetworks Inc., RealNetworks RealPlayer, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Ryan Naraine
- Blog posts 2008-07-25
- Heap-based buffer overflow reported in RealNetworks RealPlayer
- Update 07/25/2008: Aaron Portnoy of TippingPoint's security research group was kind enough to point out that I'm actually not affected by this, since I've installed the newest version of RealPlayer. From Aaron's email: Notice the Secunia advisory states it affects RealPlayer 10.5... the latest is 11.x, which now uses...
- Tags: Vulnerability, RealNetworks Inc., Buffer-overflow, RealNetworks RealPlayer, Secunia Research, Vendor, Digital Music, Digital Media, Personal Technology, Consumer Electronics, Nathan McFeters
- Blog posts 2008-07-25
- Live Webcast: Mid-Year Report: Malware, Spam and Web Threats in 2008
- What's NOT happening in 2008? The web continues to be a vector for cyber threats. Incidents of spear-phishing continue to dupe users, and botnets are increasing in popularity amongst growing economies across the globe. Complex polymorphic viruses as opposed to the more mundane Trojan horses are getting...
- Tags: Web, Webcast, Sophos Plc., Malware, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Channel Management, Security, Marketing
- Webcasts 2008-07-24
- 2008 Pwnie Award nominees announced
- Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on. From the site: The final list of nominees for the nine Pwnie Award categories is ...
- Tags: Nominee, Vulnerability, XSS, Attack, Flaw, Dan, XSS Flaw, Lifelock, Security, Nathan McFeters
- Blog posts 2008-07-21
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
Tech news covering the latest in products, conferences and blog commentary, from ZDNet video.
Designed specifically to address the concerns of senior IT managers at organizations with more than 100 employees, the Intel Premier IT Professional Program provides best practices via local and e-Seminars and a members-only Web site.
The Cisco Mobility Resource Center offers FREE videos, downloads, podcasts and more, all designed to help small and medium businesses get mobile connectivity solutions, improve productivity and drive sales and revenue.
Tasty Baking’s new LEED factory
0:57
Tasty Baking CIO: Brendan O’Malley
Balancing act: innovation vs. reliability
1:28
Facebook VP of technical operations: Jonathan Heiliger
Securing data at E-Loan
1:47
E-Loan CIO: Jay Shah
When crops are scarce
1:47
Del Monte Foods CIO: Marc Brown
