moab Resources

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

Apple issues patches for Leopard and MOAB flaw from 2007: Apple issues patches for Leopard and MOAB flaw from 2007Apple, MicrosoftSame Sh|T Different DayObviously......a WinTel plot.RE: Apple issues patches for Leopard and MOAB flaw from 2007Really. What took Apple so long to fix the CVE-2007-0355?Get Apple is making Microsoft look fast in fixing bugs.WHAT?Patches for an Apple? Surely, this must...; Tags: Patches, Apple Inc., Apple issues patch, MOAB flaw, flaw, Apple Issues, Moab, patch management, Leopard; Discussion threads 2008-02-11
MOAB comes to an end: MOAB comes to an endBoringWell, that kind of fizzled out, didn't it?last minute popWell, they did go out with a mild "pop", when they added that exploit code to the web page for day 29. Go to Macintouch and search for "MOAB" and click the link in the right...; Tags: Moab; Discussion threads 2007-02-01
Mac Developer mulling OS X equivalent of ZERT: Now that the Month of Apple Bugs project is done, Landon Fuller just wants some rest. Then, if his buddies are up to it, the brain behind the month of Apple fixes counter-project wants to expand the initiative to provide "zero-day patches" for critical issues affecting Mac OS X...; Tags: Zero-day attacks, Apple, Vulnerability research, Exploit code, Apple Macintosh, Moab; Blog posts 2007-02-01
Month of Apple bugs hacker signs off: Month of Apple bugs hacker signs offyeah... these guys really showed those mac user??? what a joke...really shook things up... hey Maynor, where's your wireless exploit? these guys are complete morons.ask your colleague Mr. Ou when he's going to finally put out that super top secret info on...; Tags: Microsoft Windows Vista (Longhorn), SECURITY, Moab, Month of Apple Bugs, Apple Inc., Microsoft Windows Vista; Discussion threads 2007-01-31
The good, the bad of bug campaigns: The good, the bad of bug campaignsGreat quote"These initiatives are always more about the egos of the bug finders than anything else,"I think that says it all.Response and responsibilityWhether or not computer users are happy about the release of exploits for the system they use, it's going to keep on...; Tags: Microsoft Windows, SECURITY, Apple Mac OS X, vulnerability, Apple Macintosh, Apple Inc., Moab; Discussion threads 2007-01-04

Month of Apple bugs being fixed: Today is the third day in the Month of Apple Bugs (a.k.a. MOAB). MOAB is run by a hacker known as LMH, sponsor of the Month of Kernel Bugs and Kevin Finisterre. The project began with Mondays exposure of a rtsp URL handler stack-based buffer overflow in QuickTime where "A...; Tags: Moab, Apple Computer Inc., Security; Blog posts 2007-01-03

Additional Resources

Apple hasn't learned from past security mistakes: Apple hasn't learned from past security mistakesTo sum upSafari is insecure because other software has exploits.Do you get dizzy much from spinning so fast?RE: Apple hasn't learned from past security mistakesIt probably has more to do with Apple being used to abiding by what is considered normal security obligations on...; Tags: security, Apple Safari, Apple Inc., security mistake; Discussion threads 2008-07-08
2008 Volkswagen Touareg 2 V8 FSI: Photo gallery:2008 Volkswagen Touareg 2 V8 FSIAs we pulled the 2008 Volkswagen Touareg 2 up a rocky slope for its photo shoot, we started thinking about taking the car through even more hostile terrain, such as out near Moab, or from San Francisco to Dakar. With the Touareg's four-wheel drive,...; Tags: Volkswagen AG, cone, Volkswagen Touareg, camera; Product reviews 2008-03-14
Debating the most influential security folks list: Ryan Naraine has cooked up a list of the most influential people in security. Here's the list packaged in a slideshow, which is annoyingly set on fast forward. For instance, I viewed two slides, went to bathroom and by time came back the gallery was over (and...; Tags: Google Inc., Ryan Naraine, Team Management, Security, Management, Larry Dignan; Blog posts 2008-02-13
News to know: Vista SP1 hacks and 551 bugs; Apple patch; RIM outage: Notable headlines: Ed Bott: Vista SP1 rolls up 551 bug fixes. Adrian Kingsley-Hughes: More information on the Vista SP1 activation hack. Gallery right. George Ou: Vista SP1 still vulnerable to speech recognition 'analog' hole RIM notifies of 'critical' BlackBerry outage. Russell...; Tags: Research In Motion Ltd., Larry Dignan, Yahoo! Inc., Samsung Electronics Co. Ltd., Microsoft Windows Vista, Apple Inc., Microsoft Corp., Microsoft Windows Vista SP1, Outage, Microsoft Windows Vista (Longhorn), Manufacturing, Operating Systems, Microsoft Windows, Software; Blog posts 2008-02-12
Apple issues patches for Leopard and MOAB flaw from 2007: Apple on Monday dropped 10 patches addressing eight vulnerabilities in Mac OS X 10.5, also known as Leopard. One patch addresses a Tiger flaw that was described on the Month of Apple Bugs web site almost a year ago. Among the highlights: Apple issued...; Tags: Apple Macintosh, Patch Management, Server, Apple Inc., Issue, Flaw, Leopard, Tiger, Apple Mac OS X, Apple Mac OS, Operating Systems, Software, Larry Dignan; Blog posts 2008-02-11
Zero Day's most discussed post of 2007: Here are the most discussed Zero Day posts of 2007: Apple bumper patch vindicates MOAB, MOKB hackers 90-day report card: Windows Vista fared better than competitors Windows vs Linux security report card redux Maynor demos MacBook Wi-Fi hijack, admits mistakes MacBook Pro hijacked...; Tags: Card, Apple MacBook, Microsoft Windows Vista, Apple Inc., Flaw, Microsoft Windows, Corporate Communications, Microsoft Windows Vista (Longhorn), Notebooks, Security, Operating Systems, Software, Marketing, Hardware, Notebooks & Tablets, Larry Dignan; Blog posts 2007-12-27
Apple (finally) fixes year-old QuickTime flaw: Apple has taken another stab at fixing a one-year-old QuickTime vulnerability that exposed Windows XP and Windows Vista to code execution attacks. The flaw, which allows malicious manipulation of QuickTime Media Link (.qtl) files, is described by apple as a "command injection issue" in the way the...; Tags: Apple QuickTime, Apple Inc., Flaw, Digital Music, Digital Media, Personal Technology, Consumer Electronics, Ryan Naraine; Blog posts 2007-10-03
Unpatched QuickTime-to-Firefox flaw dings IE too: Security researcher Aviv Raff has found a way to use the one-year-old and still unpatched QuickTime vulnerability to automate XAS cross application scripting attacks against users of Microsoft's Internet Explorer. To demonstrate the attack scenario, Raff embedded a rigged QuickTime file on Google's BlogSpot to force a...; Tags: Apple QuickTime, Microsoft Internet Explorer, Attack, Ryan Naraine; Blog posts 2007-09-14
Exploit packs get intelligent -- Attacks launched based on victim's browser: Virus hunters at Symantec have stumbled upon a malicious server using an attack framework that intelligently chooses exploits based on the client's browser.This is the first sign of the type of reconnaissance attacks predicted by by white hat researchers (See: Do you know what's leaking out of your browser?) and...; Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple; Blog posts 2007-06-28
And now, Month of ActiveX Bugs: And now, Month of ActiveX BugsSurely this is akin to shooting fish in a barrel?!? NT...**NOTE. As in the MoAB, here are the rules:Absolutely NO browser add-ins count as a "flaw" or vulnerability. Only activeX controls that come default and TURNED on in the current OS, Vista, count. Also, no...; Tags: ActiveX/COM/COM+/DCOM, Web browsers, Authenticode dialog, ActiveX Control, ActiveX, exploit, UAC; Discussion threads 2007-05-02
MacBook Pro hijacked with Safari zero-day: MacBook Pro hijacked with Safari zero-dayWhat does 0day on a Mac mean?It will never happen?Awaiting the rabid Mac faithful to deny CanSecWest exists...So, come on then Mac apologists. What excuse will be used this time?"Beyond the Vista, a lame Leopard is being eaten by the hackers..."Quick Mac faithful, protect the...; Tags: Desktops, Apple Safari, Apple MacBook Pro, Apple MacBook, Apple Macintosh, Mac-user, Macs ARE; Discussion threads 2007-04-21
Apple zaps 25 more Mac OS X bugs: Apple has issued a mega-update with patches for 25 new security vulnerabilities affecting Mac OS X users.This is the fourth update (89th security patch) issued by Apple in 2007.With Security Update 2007-004, Apple continues to roll out fixes for flaws exposed during the MOAB Month of Apple Bugs project in...; Tags: Responsible disclosure, Pen testing, Hackers, Vulnerability research, Patch Watch, Metasploit, Exploit code, Data theft, Browsers, Apple; Blog posts 2007-04-19
Vista gets bashed for non-exploitable vulnerability: Vista gets bashed for non-exploitable vulnerabilityWrong bug GeorgeMS07-019 which Dave refers to isn't the Vista bug. _rit's a critical bugIt's a bug rated "critical" by Microsoft, even for Vista. Thanks for admitting the mistake._rBugYes a bug, is it explotable? in what way? We talk about Vista.. how many...; Tags: Microsoft Windows Vista (Longhorn), Vista security failure, Microsoft Windows Vista, vulnerability, success story; Discussion threads 2007-04-10
Microsoft: XBox Live account theft was social engineering attack: Just a quick follow-up to my story from earlier this week about XBox Live accounts being hijacked in what was believed to be a breach at Microsofts Bungie.net.First, the official reaction from the Xbox team: Despite some recent reports and speculation, I want to reassure all of our 6 million...; Tags: Game players, Microsoft Corp., Microsoft Xbox, Xbox Live; Blog posts 2007-03-22