Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- metasploit launches version 3.1, improves Windows GUI, supports iPhone
- MetaSploit launches version 3.1, improves Windows GUI, supports iPhoneKeep the iPhone as it isI am a crusader against installing third party applications on iPhones. Let's leave the iphone as it is and use only applications from Apple.Mars M.http://www.iphone-codes.comNokia N800/N810For those who care, the Nokia 800/810 (OS 2008 is a Debian...
- Tags: Operating systems, OPEN SOURCE, WIRELESS, Wi-Fi, Microsoft Windows, Apple iPhone, Metasploit, GUI
- Discussion threads 2008-01-29
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit.As previously reported, Thomas Ptacek, co-founder of...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-08-02
- Remembering five years of vulnerability markets
- Guest Editorial by David EndlerWhile compiling some stats this week for our Zero Day Initiative two year anniversary, I came across this recent news article by the Associated Press, Researchers Seek Cash for Software Flaws. It's the latest in a long line of media coverage on the launch of...
- Tags: Botnets, Black Hat, Apple, Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Symantec, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers
- Blog posts 2007-08-01
- Apple monster update fixes iPhone, Safari, Mac OS X flaws
- LAS VEGAS -- Apple has issued a monster update with patches for about 50 security vulnerabilities affecting iPhone, Safari and Mac OS X users.In a race against the clock, the company rushed out iPhone v1.0 with fixes for four different vulnerabilities that could allow hackers to take full control of...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Metasploit, McAfee, Hackers, Google, Digital rights management, Data theft, Browsers, Botnets, Black Hat, Apple
- Blog posts 2007-07-31
- Mozilla fixes its end of URL protocol handling saga
- Mozilla has fixed its end of the controversial URL protocol handling vulnerability that puts Windows users at risk of PC takeover attacks.Exactly a week after admitting that Firefox was just as guilty as Internet Explorer when it comes to passing dangerous data to third party applications, the open-source group shipped...
- Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Apple
- Blog posts 2007-07-31
- Google hires browser hacking guru
- Google has snapped up one of the sharpest minds in the hacker community, luring Michal Zalewski to help lock down its long list of Internet facing products.Zalewski, a 26-year-old computer security whiz from Poland, joined the search engine giant about a week ago to work as an Information Security Engineer.He...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-07-30
- Can Trend Micro's botnet identification service make a difference?
- Trend Micro today rolled out its SecureCloud software-as-a-service platform with a new Botnet Identification Service BIS to help find botnet command-and-control servers and block communications between them and the zombie PCs they control.Geared towards ISPs and enterprise customers, the botnet ID service can be used to block communication to/from command-and-control...
- Tags: Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Passwords, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets
- Blog posts 2007-07-30
- German hacker denied entry into U.S. for Black Hat training
- Thomas Dullien, a prominent security researcher who has been a fixture at the annual Black Hat security conference, has been denied entry into the U.S. to attend and conduct training at this year's confab.Dullien left, a German reverse engineering whiz known in hacker circles as "Halvar Flake," said he was...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, Metasploit, Hackers, Exploit code, Digital rights management, Data theft, Cisco, Browsers, Botnets, Black Hat
- Blog posts 2007-07-29
- Some great security apps are still free
- Last week, I wrote dismissively about Symantec adding a $29.99 a year price tag on its new Norton AntiBot technology, calling it a bit of a con job to sell all these different security tools to protect users against malware.Well, it turns out that there are some great FREE security...
- Tags: Data theft, Browsers, Botnets, Apple, Digital rights management, Exploit code, Firefox, Hackers, McAfee, Metasploit, Mozilla, Open source, Passwords, Patch Watch, Pen testing, Privacy, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Wi-Fi security, Zero-day attacks
- Blog posts 2007-07-25
- Free utility looks for missing security patches
- Secunia has shipped a downloadable version of a free utility that scans Windows machines to find missing software patches.The tool, an enhancement to the Secunia Software inspector (a Web-based scanner I've covered before), can be used to inspect and monitor more than 4,200 different PC applications to flag dangerous vulnerabilities.This...
- Tags: Hackers, Metasploit, Spyware and Adware, Botnets, Google, Firefox, Exploit code, Vulnerability research, Patch Watch, Data theft, Browsers, Windows Vista, Pen testing, Apple, Viruses and Worms, Passwords, Open source, Responsible disclosure, Mozilla, Microsoft
- Blog posts 2007-07-24
- Mozilla caught napping on URL protocol handling flaw
- Uh-oh. The latest twist in the URL protocol handling vulnerability saga has left eggs on the faces of the security folks at Mozilla.It turns out that Mozilla's Firefox is just as guilty Microsoft's Internet Explorer when it comes to passing dangerous data to third party applications.Over the last two...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Spyware and Adware, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Open source, Mozilla, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-07-23
- CEO out in Core Security shake-up
- Core Security Technologies, one of a handful of companies hawking penetration testing tools to businesses, is looking for a new CEO to replace Paul Paget.According to an analyst report from The 451 Group, there are red flags about the future of Core after news emerged that Paget and product manager...
- Tags: Zero-day attacks, Vulnerability research, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-07-23
- Code execution exploit dings iPhone
- Apple's iPhone has failed the security smell test.Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be used to take full control of an iPhone surfing to a rigged Web site.Dr Charlie Miller, a...
- Tags: Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple
- Blog posts 2007-07-23
- Microsoft: 'Very difficult' to block IE attack vector
- A member of Microsoft's Internet Explorer team says it is "very difficult" to put protections in place to block the protocol handlers attack vector exposed by the recent IE-to-Firefox code execution vulnerability.Markellos Diorinos, a product manager on the IE team, insists it is the responsibility of the receiving called application...
- Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Mozilla, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets
- Blog posts 2007-07-20
- MPack exploit kit creator speaks
- SecurityFocus.com reporter Rob Lemos has a fascinating interview with one of the developers of MPack, the exploit kit used in thousands of drive-by malware attacks.In the interview, presented from multiple IRC conversations and edited/reordered for clarity, Lemos does a nice job of peeking behind the dark curtain of exploit writing...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-07-20
- Opera plugs nasty code execution hole
- You can add Opera to the list of Web browsers singing the security blues.A new version of the cross-platform browser was released today to plug a highly critical code execution bug in the way Opera integrates support for BitTorrent downloads.The skinny from an iDefense alert:When parsing a specially crafted BitTorrent...
- Tags: Vulnerability research, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets
- Blog posts 2007-07-19
- Mac worm rumors swirl; Dai Zovi ships unofficial Mac OS X patch
- Amidst unconfirmed rumors that anonymous hackers have created a worm that exploits an unpatched code execution flaw in Mac OS X Intel, a team of researchers have come up with a way to completely disable a buggy portion of the Mac code base.Led by Mac security guru Dino Dai Zovi...
- Tags: Zero-day attacks, Wi-Fi security, Vulnerability research, Spyware and Adware, Spam and Phishing, Rootkits, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple
- Blog posts 2007-07-18
- Symantec puts price tag on anti-botnet tool
- Symantec's new Norton AntiBot utility is now out of beta, promising to remove zombies from for-profit botnets scourge in exchange for $29.99 a year.The anti-botnet tool see previous coverage here is being marketed as "complementary solution to existing antivirus or security suites," adding yet another application to the list of...
- Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets
- Blog posts 2007-07-17
- Stepto leaves MS security, goes gaming
- Stephen Stepto Toulouse is leaving Microsoft's security unit.Toulouse left , who served as the public face of Redmond's security response during some of the biggest hacker attacks, is exiting Redmond's Building 27 to join the Windows Live Services Group.A passionate gamer, Toulouse says he will join the Xbox LIVE team...
- Tags: Wi-Fi security, Vulnerability research, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Open source, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple
- Blog posts 2007-07-17
- Beware the iPhone/Safari dialer
- One of the iPhone's most nifty features -- dialing any phone number by simply tapping on a Web page -- can be its most sinister.[ SEE: The iPhone security non-story ]Security researchers at SPI Labs says this features can be exploited by hackers to pull off nefarious stunts like redirecting...
- Tags: Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Privacy, Pen testing, Patch Watch, Metasploit, Hackers, Data theft, Exploit code, Browsers, Botnets, Apple
- Blog posts 2007-07-17
White Papers and Webcasts
Sun and MySQL meetups are coming near you, bringing together the expertise and technology know-how directly to you. Be sure to keep checking back to find out when the meetups are going to be in your city.
Designed specifically to address the concerns of senior IT managers at organizations with more than 100 employees, the Intel Premier IT Professional Program provides best practices via local and e-Seminars and a members-only Web site.
