flaw Resources

Did you mean security flaw (14 results)

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

News to know: DNS flaw; Amazon; Microsoft shakeup; Facebook: Notable headlines: Ryan Naraine: Researchers borrow from Google PageRank for network defense service Attack code published for DNS flaw Nate McFeters: |)ruid and HD Moore release part 2 of DNS exploit 'Spam King' escapes from federal prison iPhone vulnerable to phishing,...; Tags: Apple iPhone, Facebook, DNS, Amazon.com Inc., Microsoft Corp., Microsoft Xbox, Flaw, Game Players, Domain Names, Networking, Security, Consumer Electronics, Personal Technology, Internet, Larry Dignan; Blog posts 2008-07-24
iPhone vulnerable to phishing, spamming flaws: Security researcher Aviv Raff left has discovered a pair of basic design flaws that could turn your iPhone into easy bait for malicious phishing and spamming attacks. According to an advisory from Raff, the iPhone's Mail and Safari applications are susceptible to a URL Spoofing vulnerability which...; Tags: Apple iPhone, Apple Safari, Vulnerability, Spamming, Flaw, Aviv Raff, Phishing, Spam, Security, Spam And Phishing, Ryan Naraine; Blog posts 2008-07-23
75ò0of online banking sites found vulnerable to security design flaws: 75ò0of online banking sites found vulnerable to security design flawsJust 75%?I would think it is much more likely to be 100% is vulnerable to SOME issue, 90% is vulnerable to a High-risk issue.-NateRE: 75ï¿½0of online banking sites found vulnerable to security design flawsThey fail to say which banks are at...; Tags: Banking, E-business/E-commerce, online banking site, online banking, security, flaw, bank; Discussion threads 2008-07-23
McAfee debunks recent vulnerabilities in AV software research, n.runs restates its position: Several days after blogging about a research conduced by n.runs AG that managed to discover approximately 800 vulnerabilities in antivirus products, McAfee issued a statement basically debunking the number of vulnerabilities found, and providing its own account into the number of vulnerabilities affecting its own products : "A recent...; Tags: Software, McAfee Inc., Antivirus, Vulnerability, Vendor, Flaw, N.Runs, Dancho, Security, Viruses And Worms, Dancho Danchev; Blog posts 2008-07-23
75% of online banking sites found vulnerable to security design flaws: In a paper entitled "Analyzing Web sites for user-visible security design flaws" to be published at the Symposium on Usable Privacy and Security meeting at Carnegie Mellon University July 25, Atul Prakash and two of his doctoral students examined 214 financial institutions in 2006, finding that over 75% of all...; Tags: Bank, Online Banking, Flaw, Security, Financial Services, Dancho Danchev; Blog posts 2008-07-23

2008 Pwnie Award nominees announced: Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.Â From the site: The final list of nominees for the nine Pwnie Award categories is ...; Tags: Nominee, Vulnerability, XSS, Attack, Flaw, Dan, XSS Flaw, Lifelock, Security, Nathan McFeters; Blog posts 2008-07-21
Kaminsky to discuss DNS flaw at Black Hat sponsored webcast: The Black Hat group on Twitter provided a message today alerting people to a webcast to be put on by Dan Kaminsky on the DNS vulnerabilities that I've heavily covered as follows: Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08 ...; Tags: Black Hat, Webcast, DNS, Flaw, Domain Names, Networking, Internet, Nathan McFeters; Blog posts 2008-07-15
Apple releases patches for dangerous QuickTime flaws in Apple TV 2.1 product: Apple released patches for its Apple TV 2.1 product yesterday. Some of you might be saying, why do I care, I don't use Apple TV. Well, if you do use Apple TV, you obviously should care as some of these are very serious flaws, but if you don't,...; Tags: Apple QuickTime, Movie, Patch Management, Apple Inc., Issue, Apple TV, Arbitrary Code Execution, Flaw, IMPACT, CVE-ID, Application Termination, Nathan McFeters; Blog posts 2008-07-11
Kaminsky and Ptacek comment on DNS flaw: Kaminsky and Ptacek comment on DNS flaw"Important"I guess Microsoft agrees that it's not a really scary vulnerability.ActuallyI talked to Dan about this. It early on threw me off too, but their rating has to do with the fact that it is a spoofing flaw, and not an arbitrary code...; Tags: Domain names, SECURITY, Ptacek, Kaminsky, DNS, flaw; Discussion threads 2008-07-08
Kaminsky and Ptacek comment on DNS flaw: Well, well, well, what a day for security news! I got a chance to get the scoop word of mouth from Dan Kaminsky of IOActive (pictured above [image courtesy of quinnums]) and Thomas Ptacek of Matasano pictured below on the DNS flaw that's been all over the...; Tags: DNS, Flaw, Nate, Domain Names, Networking, Security, Internet, Nathan McFeters; Blog posts 2008-07-08
Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08: It would seem there's a bigger story to that MS08-037 flaw that came out for Patch Tuesday today. From Dave Lewis over at the Liquid Matrix security blog: Today Dan Kaminsky released a first, as far as I can recall. A coordinated patch was released today...; Tags: Black Hat, DNS, CERT, Flaw, Mogull, Updates, Domain Names, Networking, Security, Internet, Nathan McFeters; Blog posts 2008-07-08
On deck from MS: Four 'important' patches but nothing for IE: On deck from MS: Four 'important' patches but nothing for IEAm I correct that uninstalling Safari mitigates the problem?I realize it isn't a fix but am I correct in believing that for the time being, removing Safari effectively closes off the only known attack vector that can utilize this vulnerability?...; Tags: Web browsers, SECURITY, patch management, flaw, Apple Safari, Apple Inc., Microsoft Corp., Microsoft Internet Explorer; Discussion threads 2008-07-03
On deck from MS: Four 'important' patches but nothing for IE: Next Tuesday, Microsoft plans to ship four security updates for multiple flaws affecting Windows, Microsoft SQL Server and Microsoft Exchange Server but the absence of fixes for publicly known Internet Explorer issues is causing raised eyebrows among security professionals. According to the company's advance notice for July's...; Tags: Patch Management, Microsoft Internet Explorer, Microsoft Corp., Flaw, Web Browsers, Microsoft Windows, Security, Internet, Operating Systems, Software, Ryan Naraine; Blog posts 2008-07-03
Opera patches serious code exection flaw: Opera patches serious code exection flawURI/Protocol Handler AbuseI can confirm that Rios has been working on a protocol handler flaw on Opera. I'm not sure if this is what was patched... we've both been so busy lately we haven't been researching together as much as we did in the...; Tags: Opera Software, flaw, Opera patch, patch management; Discussion threads 2008-07-03
Opera patches serious code exection flaw: Opera Software has joined the list of browser vendors shipping fixes for serious remote code execution vulnerabilities. The company's new Opera 9.5.1 patches at least four security issues, the most serious being a flaw reported by Microsoft's Billy Rios that could be used to execute arbitrary code....; Tags: Opera Software, Patch Management, Flaw, Security Statu, Security, Ryan Naraine; Blog posts 2008-07-03
Remote code execution flaw in VLC Media Player: Researchers at Secunia have found a "highly critical" vulnerability that puts users of the cross-platform VLC Media Player at risk of remote code execution attacks. The vulnerability is confirmed in version 0.8.6h on Windows. Prior versions may also be affected. Â Â A patch is expected soon from...; Tags: Vulnerability, WAV, Secunia, Flaw, Security, Ryan Naraine; Blog posts 2008-07-02
Apple posts iPhone 3G guided tour: Apple posts iPhone 3G guided tourI would have watched it but Apple won't let meI refuse to install QuickTime, the biggest security hole in modern day history, just to watch this video. Too bad, there might have been something in that video that made me change my mind and pick...; Tags: Corporate communications, Apple Inc., Apple iPhone, 3G; Discussion threads 2008-07-01
HSBC sites vulnerable to XSS flaws, could aid phishing attacks: What would the perfect phishing attack from a social engineering perspective? The one that compared to using typosquatted domains impersonating the bank's web application directory structure is in fact using the bank's legitimate domain names as redirectors due to XSS flaws within. It's even more interesting to measure the average...; Tags: Bank, Vulnerability, XSS, Flaw, Phishing, Cyberthreats, Financial Services, Security, Viruses And Worms, Spam And Phishing, Dancho Danchev; Blog posts 2008-06-29
News to know: ICANN hacked; IE flaw; OpenSuse 11; Hyper-V; iPhone 3G: Notable headlines: Ryan Naraine: Zero-day flaw haunts Internet Explorer Tech heavyweights launch security response consortium ICANN and IANA's domains hijacked by Turkish hacking group Security researchers hack the London underground train for free ride Matthew...; Tags: Apple iPhone, ICANN, Novell OpenSuse, Microsoft Internet Explorer, Microsoft Corp., Flaw, 3G, Cellular Phones, Healthcare, Wireless, Consumer Electronics, Personal Technology, David Grober; Blog posts 2008-06-27
Security researcher keeps "Carpet Bomb" attack alive, despite patch: Security researcher keeps "Carpet Bomb" attack alive, despite patchYesIt def. still works, albeit not in exactly the same way. I can't comment more until Rios has released details.-NateIs the attack really still "alive" ?Re-read BK's blog:"... Safari's behavior affected more than just IE. In fact, I've discovered a way...; Tags: Web browsers, Cyberthreats, Spyware, adware & malware, Apple Safari, carpet bomb, bomb, security; Discussion threads 2008-06-21