mcafee

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Apple monster update fixes iPhone, Safari, Mac OS X flaws

LAS VEGAS -- Apple has issued a monster update with patches for about 50 security vulnerabilities affecting iPhone, Safari and Mac OS X users.In a race against the clock, the company rushed out iPhone v1.0 with fixes for four different vulnerabilities that could allow hackers to take full control of...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Metasploit, McAfee, Hackers, Google, Digital rights management, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-07-31

Can Trend Micro's botnet identification service make a difference?

Trend Micro today rolled out its SecureCloud software-as-a-service platform with a new Botnet Identification Service BIS to help find botnet command-and-control servers and block communications between them and the zombie PCs they control.Geared towards ISPs and enterprise customers, the botnet ID service can be used to block communication to/from command-and-control...

Tags: Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Passwords, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-07-30

Some great security apps are still free

Last week, I wrote dismissively about Symantec adding a $29.99 a year price tag on its new Norton AntiBot technology, calling it a bit of a con job to sell all these different security tools to protect users against malware.Well, it turns out that there are some great FREE security...

Tags: Data theft, Browsers, Botnets, Apple, Digital rights management, Exploit code, Firefox, Hackers, McAfee, Metasploit, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Privacy, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks

Blog posts 2007-07-25

Symantec going private? It's not a crazy thought

Jim Reavis at RiskBloggers.com has tossed out this doozy:This is only a rumor, if it were an actual event you would be instructed by the authorities where to redeem your SYMC stock. Multiple Friends of Risk Bloggers have told me that Symantec has been in talks with investors over...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Punditocracy, Patch Watch, Microsoft, McAfee, Exploit code, Data theft, Cisco, Browsers, Botnets

Blog posts 2007-07-13

Patch Watch: Critical updates from Adobe, Cisco, Symantec, McAfee

Patch Tuesday is no longer an exclusive Microsoft event. Slowly but surely, it's beginning to look like more and more big-name software vendors are piggybacking on Microsoft's scheduled patch day to roll out critical software fixes.This week, in addition to Microsoft's six bulletins, computer users should also pay attention to...

Tags: Open source, Microsoft, McAfee, Hackers, Exploit code, Data theft, Cisco, Browsers, Botnets, Apple, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks

Blog posts 2007-07-11

Ex-Softies launch anti-malware start-up

A quartet of former Microsoft employees have launched an anti-malware start-up, joining an established list of companies touting browser plugins an an answer to the threat from drive-by exploits.The company, called Haute Secure, is offering an Internet Explorer add-on that uses behavior-based profiling algorithms to identify and intercept malicious files...

Tags: Browsers, Botnets, Apple, Data theft, Exploit code, Firefox, Google, Hackers, McAfee, Metasploit, Microsoft, Mozilla, Passwords, Patch Watch, Pen testing, Privacy, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Symantec, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-07-10

Google's $625 million security splash

Google has announced its second acquisition in the computer security space, shelling out a whopping $625 million in cash to snap up enterprise e-mail security vendor Postini.The deal, which follows May's purchase of GreenBorder Technologies, confirms Google's big push into a lucrative security compliance marketplace and gives the search...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-07-09

The dark side of search engines

Ryan Naraine is on vacation.Guest Editorial by Roger ThompsonAs a malware researcher, I spend the majority of my days days studying the dark side of the web, (is that a good job or what?), and one of the most interesting things I get to see are the weird, and sometimes...

Tags: Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Privacy, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-07-04

As goes Ohio, so goes the country

* Ryan Naraine is on vacation.Guest Editorial by Paul F. RobertsWhat do 225,000 Ohio taxpayers, 64,000 state employees and 600 lucky holders of winning lottery tickets have in common? They were all unlucky enough to have some of their personal information -- names, social security numbers, and bank account numbers...

Tags: Zero-day attacks, Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Privacy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, McAfee, Hackers, Google, Firefox, Data theft, Browsers, Botnets

Blog posts 2007-07-04

Pump-and-dump spammers turn to PDFs

Anti-virus researchers at McAfee are reporting a massive wave of "pump-and-dump" stock spam -- with a interesting twist.Instead of attaching image (.gif) files touting the penny stock, the spammers are now using PDF files with randomly generated subject lines, sender names and blank message bodies. McAfee's Nick Kelly said the...

Tags: Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Privacy, Pen testing, Patch Watch, Passwords, McAfee, Hackers, Browsers, Data theft, Botnets

Blog posts 2007-06-26

Firefox narrows patch deployment window

Mozilla security chief Window Snyder has dismissed the counting of vulnerabilities as a "misleading metric," suggesting that the time it takes to release -- and deploy -- software patches should carry more weight.Snyder, a former Microsoft security strategist, makes the argument that the number of vulnerabilities found is more...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple

Blog posts 2007-06-19

Windows v Linux - Days of risk in 2006

Microsoft's Jeff Jones has released his "days of risk" comparison of security vulnerabilities fixed in the major workstation operating systems in an attempt to prove his controversial argument that Windows users are arguably safer than those using Linux, Mac OS X or Solaris.I recently wrote about Jones' presentation this year's...

Tags: Apple, Botnets, Browsers, Data theft, Exploit code, Firefox, Hackers, McAfee, Microsoft, Mozilla, Open source, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-06-15

Googler updates open-source anti-malware tool

Niels Provos, one of the brains behind Google's big anti-malware push, has released a new version of the open-source SpyBye, adding a key new feature to allow it to be used as proxy for regular Web browsing.SpyBye, a free utility that helps Web masters determine if their Web pages...

Tags: Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-06-11

Windows vs Linux security report card redux

Orlando, Florida -- Jeff Jones has expanded his project to count security flaws publicly reported and fixed in the major workstation operating systems and his latest numbers show Windows Vista has by far the best security profile when compared to the major Linux distributions.Jeff Jones, security strategy director in Microsoft's...

Tags: Apple, Black Hat, Botnets, Browsers, Data theft, Digital rights management, Exploit code, Firefox, Google, McAfee, Microsoft, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Piracy, Responsible disclosure, Vulnerability research, Windows Vista, Zero-day attacks

Blog posts 2007-06-06

Google: Microsoft IIS 'twice as often' serving malware

Researchers in Google's new anti-malware team found that Microsoft's IIS Internet Information Services server software was being used to launch drive-by malware downloads more than any other server type.The statistics come from a Google examination of 70,000 domains that have been either distributing malware or have been responsible for hosting...

Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Privacy, Piracy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets

Blog posts 2007-06-05

Microsoft security guru: Get fuzzing

Orlando, Florida -- Microsoft security whiz Michael Howard is urging developers in the Windows ecosystem to adopt fuzz testing as a critical part of the software creation process, stressing that the use of fuzzers can dramatically reduce the number of potential security vulnerabilities.Howard, co-author of a book on Microsoft's mandatory...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Responsible disclosure, Punditocracy, Piracy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets

Blog posts 2007-06-05

Mozilla patches 'critical' Firefox memory corruption crashes

Mozilla has released a new version of its flagship Firefox browser with fixes for five security vulnerabilities, one carrying a "critical" rating.The most serious issue addressed in today's Firefox 2.0.0.4 update pertains to browser crashes with evidence of memory corruption. This fix (MFSA 2007-12) rolls up several bug fixes...

Tags: Apple, Botnets, Browsers, Data theft, Digital rights management, Exploit code, Firefox, Google, Hackers, McAfee, Metasploit, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Zero-day attacks

Blog posts 2007-05-30

Remote vulnerability in high-profile Firefox extensions

Today is Firefox Patch Day but even after you install the latest security updates from Mozilla, those browser extensions you use and love could put you at risk of code execution attacks.According to independent researcher Christopher Soghoian of boarding pass hacker fame, there's a remote vulnerability in the upgrade mechanism...

Tags: Apple, Botnets, Browsers, Data theft, Exploit code, Firefox, Google, Hackers, McAfee, Microsoft, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Privacy, Responsible disclosure, Rootkits, Viruses and Worms, Vulnerability research, Zero-day attacks

Blog posts 2007-05-30

Google buys anti-malware browser virtualization startup

Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software.The acquisition gives the search engine a key piece of technology to block Web-based exploits that prey on flaws in the two most widely used browsers -- Microsoft's Internet Explorer...

Tags: Botnets, Browsers, Data theft, Digital rights management, Exploit code, Firefox, Google, Hackers, McAfee, Metasploit, Microsoft, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Symantec, Viruses and Worms, Vulnerability research, Zero-day attacks

Blog posts 2007-05-29

McAfee yawns at pornographic OpenOffice virus sample

Anti-virus experts are giving a collective thumbs-down to a proof-of-concept virus targeting OpenOffice and StarOffice, dismissing the creation as a silly publicity stunt.Sophos, an anti-virus company with headquarters in the U.K., first warned about the "in the wild" BadBunny sample, which infects the target when an OpenOffice Draw file...

Tags: Apple, Botnets, Browsers, Data theft, Exploit code, Hackers, McAfee, Microsoft, Open source, Patch Watch, Pen testing, Privacy, Rootkits, Spam and Phishing, Spyware and Adware, Symantec, Viruses and Worms, Vulnerability research

Blog posts 2007-05-23