ZDNet Resources
- Zoho Writer flaw highlights disclosure problem in Web 2.0 world
- Nice, I love pwning Word 2.0: Very interesting Ryan! Look for more like this at my Black Hat presentation with Rob Carter, John Heasman, and Billy Rios. Heasman and Rios have both been terrorizing Word 2.0 apps. -Nate
- Discussion threads 2008-05-19
Additional Resources
- Researchers demo BIOS attack that survives hard-disk wipe
- A pair of Argentinian researchers have found a way to perform a BIOS level malware attack capable of surviving even a hard-disk wipe. The researchers -- Alfredo Ortega and Anibal Sacco from Core Security Technologies -- used the stage at last week's CanSecWest conference to demonstrate methods...
- Blog posts 2009-03-23
- Black Hat Las Vegas Day 2
- Again, sorry for the late updates. Vegas is the kind of place that demands a lot of a person. Too many parties make it difficult to find time to blog on the conference. Pictures of the event are a bit sparse, due to consistently forgetting to bring my camera, but...
- Blog posts 2008-08-09
- On GIFARs
- Ever since Rob McMillan of IDG published a story giving a preview of our coming Black Hat talk, specifically a preview of the portion of our talk related to GIFARs, media coverage of the research has swirled a bit out of control and there have been some misconceptions. My co-presenter John...
- Blog posts 2008-08-02
- Black Hat Sneak Preview
- Rob McMillan from IDG interviewed John Heasman and me today about the presentation we will be delivering with Rob Carter at Black Hat Vegas next week. The article has a good teaser about one of the more interesting of the many attacks we will cover, namely what we've coined...
- Blog posts 2008-08-01
- Remote code execution through Intel CPU bugs
- Kris Kaspersky, author of numerous books on reverse engineering and software engineering, will be presenting his research on remote code execution through Intel CPU bugs at the upcoming Hack in the Box Security Conference in Malaysia. If his proof of concept code consisting of JavaScript or TCP/IP packet attacks on...
- Blog posts 2008-07-14
- Sun releases JRE Version 6 Update 7, 90% of desktops currently at risk*
- * The 90% of desktops currently at risk comes from numbers presented at the Java One Keynote in 2008. If you aren't patched, get the Java control panel up and get updated, or go to Sun's site to download the update, cause this one's big. Yesterday Sun...
- Blog posts 2008-07-11
- McAfee S.P.A.M. experiment and more ridiculous HackerSafe failures
- I get slammed for pronouncing the name wrong, but McAfee is the best: McAfee is the only true voice on security. I have never once seen a computer with their AV software installed that has been overrun with viruses. If this is...
- Discussion threads 2008-07-02
- Researcher keeps 'carpet bomb' attack alive, despite patch
- Security researcher Billy Rios posted an article today about the Apple Safari "Carpet Bomb" attack, discussing a new issue that, despite the patch which prevented a "blended" remote command execution attack when Safari was used in conjunction with IE on a Windows system, keeps the "Carpet Bomb" attack alive and well. ...
- Blog posts 2008-06-21
- 2008 Pwnie Awards
- Don't forget to go and vote on the Pwnie Awards, which will happen at Black Hat Vegas again this year. I don't want to campaign for votes, but I wouldn't be pissed if some of my loyal readers out there voted for me, Billy Rios, Rob Carter, and John Heasman and...
- Blog posts 2008-06-19
- Black Hat '08 preview webcast on its way
- Ladies and gents, For those who hadn't heard, I will be presenting at Black Hat Vegas '08 this year with Rob Carter, John Heasman, and Billy Rios. Our presentation is called "The Internet is Broken: Beyond document.cookie - Extreme Client Side Attacks", which may sound like a...
- Blog posts 2008-06-15
- Hacking SCADA for terrorism and destruction
- SCADA scares me, and I've seen enough things on the Internet to be desensitized to many things, but attacks against SCADA threaten our national security in a very real and topical way by attacking power grids, water treatment plants, nuclear plants, etc. Hacking networks that SCADA devices reside on and...
- Blog posts 2008-06-12
- Another bug your tools won't find and your WAF won't prevent
- First off, I want to apologize to our readers for not being here as much last week. I had a rough week involving a random ear infection and the loss of an aunt to cancer, so it was not a week where I was very concerned about computer security or...
- Blog posts 2008-06-09
- Black Hat Vegas '08: Sneak peek at some of the interesting attacks we will unveil
- John Heasman posted a sneak preview today of our Black Hat presentation, which will happen in August in Las Vegas. This particular attack is extremely interesting, multi-stage nastiness involving the use of Java to steal domain credentials. John describes this as: "I'm going to revisit an old...
- Blog posts 2008-06-06
- RSnake picks on Google Health... yes, Google wants your medical records, too!
- Interesting article from Robert "RSnake" Hansen yesterday on one of Google's new innovations, the Google Health application. Yeah, imagine that, Google wants to own the content of your medical records, too! You'd think that Google would want to avoid this due to HIPAA complications, as this is a true example of...
- Blog posts 2008-05-22
- Aviv Raff drops an 0-day for IE 7.0 and 8.0b on XP
- I've been busy all day and just haven't been able to get to it until now, but Aviv Raff is a seriously bad man. I follow his blog religiously as he always has some cool stuff going on and a lot of it tends to be thought provoking for other...
- Blog posts 2008-05-14
- ToorCon Seattle 2008: Nuke plants, non-existent sub domain attacks, muffin diving, and Guitar Hero
- *** Updated: ToorCon images uploaded. Click here! Alright, that title probably sounds pretty random... well, welcome to ToorCon! ToorCon has long been one of my favorite conferences for the easy atmosphere, laid-back presentations, and parties. This year's Seattle-based ToorCon was the best I've been to. ...
- Blog posts 2008-04-21
- PCI Compliance gets clarified and neutered (further)
- At one point, I thought that PCI certification was a great thing. Now I realize that it's not really about security at all... it's about money and responsibility and transferring ownership of risk. The PCI certification just got a clarification: "6.6 Ensure that all web-facing applications...
- Blog posts 2008-04-17
- Taking ownership (pwnership) of content: Cross-site Scripting Google
- My good friend Billy Rios pictured to the right published another interesting exploit recently. It's a cross-site scripting exposure in spreadsheets.google.com, which is interesting because it's exploited by using the content-type returned by spreadsheets.google.com and a caching flaw on the part of Google. Here's some details from Billy's blog: I was...
- Blog posts 2008-04-16
- Interview with the Vista Pwn2Own contest winners
- So NO, we did not duplicate it on any other platform: What Nate states is this is a compiler issue with a polymorphism/name mangling bug. Therefore, it is not an Adobe coding issue. So my questions still remain: 1) Have you duplicated this on...
- Discussion threads 2008-04-02