Sponsored White Papers, Webcasts, and Downloads
Additional Resources
- Talking Firefox security with Mozilla's Window Snyder
- LAS VEGAS -- Mozilla security chief Window Snyder wants to open-source much more than the Firefox browser. During a sit-down chat at the Black Hat security conference here, Snyder announced plans to launch three new initiatives around threat modeling, training and vulnerability metrics that push the envelope...
- Tags: mozilla firefox, window, training, web browser, mozilla corp., window snyder, web browsers, security, internet, ryan naraine
- Blog posts 2008-08-06
- Attack code published for DNS flaw
- Attack code published for DNS flawIrresponsible and evil"In an IM exchange, Moore told me his exploit takes about a minute or two to poison a DNS cache but said he is working to improve it in version 2.0."As far as i am concerened he is just an evil person to...
- Tags: Domain names, Halvar, exploit, DNS
- Discussion threads 2008-07-23
- Vulnerability disclosure gone awry: Understanding the DNS debacle
- On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky with the help of Black Hat conference organizers invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday." "A synchronized...
- Tags: Black Hat, DNS, Conference, Dan Kaminsky, Thomas Ptacek, Domain Names, Patches, Security, Networking, Internet, Ryan Naraine
- Blog posts 2008-07-22
- 2008 Pwnie Award nominees announced
- Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on. From the site: The final list of nominees for the nine Pwnie Award categories is ...
- Tags: Nominee, Vulnerability, XSS, Attack, Flaw, Dan, XSS Flaw, Lifelock, Security, Nathan McFeters
- Blog posts 2008-07-21
- Don't doubt Deputy Dan
- Well, it would seem that Tom Ptacek may have figured out something to do with Dan Kaminsky's earlier DNS flaw, and this may actually be the vulnerability to fear that we had originally heard. Let's just say this, I've read Tom's postings on the Matasano blog for quite some time...
- Tags: DNS, Domain Names, Networking, Internet, Nathan McFeters
- Blog posts 2008-07-08
- Kaminsky and Ptacek comment on DNS flaw
- Well, well, well, what a day for security news! I got a chance to get the scoop word of mouth from Dan Kaminsky of IOActive (pictured above [image courtesy of quinnums]) and Thomas Ptacek of Matasano pictured below on the DNS flaw that's been all over the...
- Tags: DNS, Flaw, Nate, Domain Names, Networking, Security, Internet, Nathan McFeters
- Blog posts 2008-07-08
- Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08
- It would seem there's a bigger story to that MS08-037 flaw that came out for Patch Tuesday today. From Dave Lewis over at the Liquid Matrix security blog: Today Dan Kaminsky released a first, as far as I can recall. A coordinated patch was released today...
- Tags: Black Hat, DNS, CERT, Flaw, Mogull, Updates, Domain Names, Networking, Security, Internet, Nathan McFeters
- Blog posts 2008-07-08
- News to know: Searching Silverlight; IE 8; Dell; Google vs. YouTube
- Notable headlines: Mary Jo Foley: Microsoft: Silverlight content searchable, too Ryan Stewart: Brian Goldfarb talks about Silverlight 2 and Deep Zoom with Michael Cot LineRider releases a Silverlight 2 version Microsoft steps up self-policing of its OSI-approved source licenses ...
- Tags: Apple iPhone, Security, Google Inc., Dell Computer Corp., Microsoft Silverlight, Mobile, YouTube Inc., Microsoft Internet Explorer, Microsoft Corp., Linux, UNIX, Keyboards, Operating Systems, Advertising & Promotion, Open Source, Software, Hardware, Peripherals, Marketing, Larry Dignan
- Blog posts 2008-07-03
- Matasano ships Web-based firewall manager
- The firewall is one of the few security tools that has been proven to be very effective at improving a company's security posture. However, staying on top of policies -- and responding to change requests -- while trying to manage multiple firewalls from different vendors can be a never-ending nightmare...
- Tags: Web, Network, Matasano Security, Network Firewall, Playbook, Firewalls, Network Security, Security, Networking, Ryan Naraine
- Blog posts 2008-07-02
- An effective way to treat Web 2.0 vulnerabilities
- I'm personally a huge fan of the Matasano blog, and have a lot of respect for their group. I took a peek over at their blog today and noticed an article by Dave Goldsmith that deals with "Vulnerability Reporting in a Web 2.0 World Continued". In this...
- Tags: Web, Web 2.0, Vulnerability, Defect, Security, Nathan McFeters
- Blog posts 2008-06-28
- How Snow Leopard can save Mac OS X from malware attacks
- Guest Editorial by Dino Dai Zovi As reported by Intego and Matasano Security, a new local privilege escalation vulnerability has been found that gives local root access on Mac OS X Tiger and Leopard. While Intego calls this a critical vulnerability, I'm mostly with...
- Tags: Apple Macintosh, Vulnerability, Malware, Attack, Apple Mac OS X, Apple Mac OS, Spyware, Adware & Malware, Desktops, Cyberthreats, Security, Operating Systems, Viruses And Worms, Software, Hardware, Ryan Naraine
- Blog posts 2008-06-23
- Apple security team finds code execution holes in Ruby
- A member of Apple's security team has discovered multiple serious security vulnerabilities in Ruby, the popular open-source scripting language. According to an advisory on the Ruby project site, Apple's Drew Yao reported at least six of the vulnerabilities, which can be exploited to cause a denial-of-service condition...
- Tags: Team, Vulnerability, Apple Inc., Ruby, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine
- Blog posts 2008-06-20
- Mark Dowd's null pointer dereference exploit and advanced Flash ActionScript techiques proove definitively: Aliens Do Exist!
- Alright, I'm just going to start out with a little background before I start, this particular research was so cool that I've been talking about it all day. Reading this whitepaper, written by Mark Dowd, was as exciting to me as watching highlights of Michael Jordan sinking that winning shot,...
- Tags: Research, Adobe Systems Inc., Blog, Blogging, Team Management, Internet, Management, Nathan McFeters
- Blog posts 2008-04-16
- Is McAfee just asking for a lawsuit?
- Is McAfee just asking for a lawsuit?They should be suedover the quality of their product. About 7 years back a mcafee upgrade all but brought my users to a halt. There tech support was worthless. Changing products solved the problem. For their attitude and stupidity I won't use any of...
- Tags: Noone, McAfee Inc., open source, GPL
- Discussion threads 2008-01-08
- Researchers pooh-pooh Mac OS X Leopard security
- The first independent reviews of the security enhancements in Mac OS X Leopard are in -- and they're not entirely pleasant for the folks in Cupertino. First up is Heise Security's takedown of the new application-based firewall in Leopard, which Apple promises will specify the behavior of...
- Tags: Firewall, Apple Macintosh, Network, Leopard, Thomas Ptacek, Firewalls, Apple Mac OS X, Network Security, Apple Mac OS, Security, Operating Systems, Networking, Software, Ryan Naraine
- Blog posts 2007-10-30
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit.As previously reported, Thomas Ptacek, co-founder of...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-08-02
- News to know: Virtual worlds; Green data centers; Black Hat; IT failures
- Notable headlines:Dan Farber: The future of virtual worlds.The third Web wave--two degrees of separation. Denise Howell: AlwaysOn Stanford Summit: lawyers for Google, IBM, and Apple ponder the patent system.Complexity and the greening of the datacenter.Harry Fuller: Green: tech and VC money converge.Michael Krigsman: Wisconsin's Apologist for IT Failure. Transparent Failure.David...
- Tags: News to know, General
- Blog posts 2007-08-02
- Hacker movements: Murphy joins Apple; Caceres to Matasano
- Hacker movements: Murphy joins Apple; Caceres to MatasanoIn related news, iPhone infects Windows machinesWhy not? Apple infected their own iPods with a Windows virus. However, the problem with using off the shelf viruses is that most people are protected against them before you can ship your device. It makes far...
- Tags: Cyberthreats, SECURITY, Hacking, NonZealot, liner, Murphy, Apple Inc., hacker movement, Caceres, virus, Microsoft Corp.
- Discussion threads 2007-08-01
- Hacker movements: Murphy joins Apple; Caceres to Matasano
- LAS VEGAS - On the heels of Google's hire of browser hacking whiz Michal Zalewski comes news that another well-known vulnerability researcher is moving over to the vendor side.Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product...
- Tags: Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple
- Blog posts 2007-08-01
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
Designed specifically to address the concerns of senior IT managers at organizations with more than 100 employees, the Intel Premier IT Professional Program provides best practices via local and e-Seminars and a members-only Web site.
