On last.fm: Listen to the Lollapalooza Line-up
BNET Business Network:
BNET
TechRepublic
ZDNet

ZDNet Resources

Happy 4th of July
For all of my blasting of the TSA and the US Government for our strange, inappropriate, inadequate, and sometimes unacceptable security practices, I am damn proud to be an American. There's many countries I've visited in this world, and I love many of them, but none like the good...
Tags: Blog, Blogging, Internet, Nathan McFeters
Blog posts 2008-07-04
Say it ain't so AVG, say it ain't so: AVG LinkScanner = Badware?
The Register covered a very interesting story about AVG.  Apparently AVG is spamming the Internet with traffic that looks to be coming from Internet Explorer.  AVG software pre-crawls search results to try to protect users, but uses a user agent that makes the software appear to be Internet Explorer.  This pre-crawling is flooding websites with...
Tags: Webmaster, Traffic, Malware, Register, Spyware, Adware & Malware, Cyberthreats, Security, Scanners, Internet, Viruses And Worms, Hardware, Peripherals, Nathan McFeters
Blog posts 2008-07-03
Airport security part 4: Attack of the body scanners!
If you read my blog postings semi-often, you know that I'm very, very critical of problems with airport security.  Nicole Wong of the Boston Globe reported that Boston's Logan International Airport will become the next airport to implement full-body scanners (thanks for the link from the LiquidMatrix guys!) that can see...
Tags: Imaging, Airport Security, Privacy, Transportation Security Administration, Image, Attack, Madness, Scanners, Document Management, Security, Hardware, Peripherals, Enterprise Software, Software, Finance, Managerial Accounting, Nathan McFeters
Blog posts 2008-07-03
NoScript vs. Internet Explorer 8 Filters
NoScript plugin writer Giorgio Maone posted a commentary on IE 8's new filters, drawing comparisons to his own widely popular NoScript Firefox plugin.  Maone writes: I'm happy to learn that IE8 is going to implement a less ambitious version of a feature which NoScript users have enjoyed for more than one...
Tags: Mozilla Firefox, XSS, Microsoft Internet Explorer, Attack, Maone, Nathan McFeters
Blog posts 2008-07-03
Multiple Facebook vulnerabilities reported on Full-Disclosure
Jouko Pynnonen posted a message to the Full-Disclosure mailing list today, citing multiple "script injection" vulnerabilities within Facebook.  I'm not sure if this is a surprise to anybody out there, it's certainly not to me, as numerous web applications have major problems with Cross-site Scripting vulnerabilities, but I think this...
Tags: Facebook, Vulnerability, XSS, JavaScript, Microsoft Internet Explorer, Web Browser, Sandbox, JS, Canvas Page, Web Browsers, Internet, Nathan McFeters
Blog posts 2008-07-02
Tiller Beauchamp on the Recon 2008 conference
Guest Editorial by Tiller Beauchamp Earlier this month I had the opportunity to present RE:Trace at the Recon conference, a reverse engineering conference held every other year in Montreal, Canada.  The conference consisted of three days of training and three days of talks in a single track.  Topics...
Tags: Reverse Engineering, Kernel, Conference, Novell NetWare, LDAP, Operating Systems, Servers, Directory Services, Enterprise Software, Software, Hardware, Nathan McFeters
Blog posts 2008-07-02
PCI-DSS 1.1 points to outdated OWASP Top 10
OK, I'm not going to freak out about this too bad... I've already pointed out enough problems with PCI, but I did find it morbidly entertaining.  My good friend Jeremiah Grossman pictured at right blogged today about the PCI-DSS 1.1 section 6.5, which covers "prevention of common coding vulnerabilities in...
Tags: XSS, PCI, Security, Storage, Hardware, Nathan McFeters
Blog posts 2008-07-02
McAfee S.P.A.M. experiment and more ridiculous HackerSafe failures
Stay with me here readers, I'm stringing two stories about McAfee together here, a little out of the ordinary, so I hope it makes sense.  If you aren't interested in the tech details of which there are very little, please do read for a good laugh. Network World reported...
Tags: McAfee Inc., Organize-It, PCI, Phishing, Cyberthreats, Marketing Research, Storage, Hardware, Security, Spam And Phishing, Marketing, Nathan McFeters
Blog posts 2008-07-01
Researcher claims thousands of identities stolen during Social Engineering pentests
Kelly Jackson Higgins of Dark Reading, reported on research conducted by Joshua Perrymon, hacking director for PacketFocus Security Solutions and CEO of RedFlag Security, who has been performing social engineering exploits for numerous clients in the past year and has apparently stolen thousands of identities with a 100 percent success rate. ...
Tags: Social Engineering, Identity, Dark Reading Article, Identity Theft, Security, Nathan McFeters
Blog posts 2008-07-01
Snort Security Platform (Snort SP) 3.0 beta released
Congrats to Martin Roesch and crew for delivering the next in a long line of well respected open source security products.  From Snort's site: Snort Security Platform SnortSP 3.0 Beta We're pleased to introduce our first beta release built on the new Snort 3.0 architecture. The Snort 3.0...
Tags: Snort, Beta, SnortSP, Snort 3.0 Architecture, Databases, Networking, Security, Enterprise Software, Software, Data Management, Nathan McFeters
Blog posts 2008-07-01
About that cellular interference...
So... maybe it is a real problem.  Pedram Amini top picture on the right, noted researcher and reverse engineer, posted an article to the Tipping Point DVLabs blog on some interesting observations he made on cellular interference.  From the article, Pedram comments on the discovery: "I had...
Tags: Apple iPhone, Researcher, Laptop Computer, Pedram Amini, Keyboards, Notebooks, Hardware, Peripherals, Notebooks & Tablets, Nathan McFeters
Blog posts 2008-07-01
Big Brother Getting Bigger Part 1: USA
Eek, from Slashdot today: The FBI has confirmed to Popular Mechanics that it's not only adding palm prints to its criminal records, but preparing to balloon its repository of photos, which an agency official says 'could be the basis for our facial recognition.' It's all part of a new...
Tags: FBI, Privacy, Washington Post Co., Slashdot, Government, Federal Government, Security, Nathan McFeters
Blog posts 2008-06-30
An effective way to treat Web 2.0 vulnerabilities
I'm personally a huge fan of the Matasano blog, and have a lot of respect for their group.  I took a peek over at their blog today and noticed an article by Dave Goldsmith that deals with "Vulnerability Reporting in a Web 2.0 World Continued". In this...
Tags: Web, Web 2.0, Vulnerability, Defect, Security, Nathan McFeters
Blog posts 2008-06-28
Security researchers hack the London underground train for free ride
A group of Dutch security researchers were able to clone the "smartcards" that commuters use to pay fares in the London Underground system, allowing the group to ride for free.  This is an interesting attack vector that I actually talked to Adam Laurie about when I was at Black Hat Amsterdam. ...
Tags: Card, Smart Card, Researcher, London, Smart Cards, Security, Nathan McFeters
Blog posts 2008-06-26
Fired Director of IT accused of destroying organ donor information of former company
Here's a story that will make you absolutely sick.  I used to live in Houston, time to time I still check out the Houston Chronicle... which I did this morning.  I was interested in reading more about the altercation between the Astros pitcher and general manager, but then I stumbled...
Tags: Organ, Houston, Agency, Advertising & Promotion, Backups, Hacking, Marketing, Security, Nathan McFeters
Blog posts 2008-06-26
Russian hackers planning attacks against Baltic countries and Ukraine
Recent Tweets on Twitter are pointing to grumblings in the blogosphere around suspicion of a planned attack against Baltic countries and the Ukraine.  An article posted at The Baltic Course describes the planned attacks, as originally reported by Estonian television channel ETV24:  Recently, there have been multiple appeals in Russian Internet forums, calling for...
Tags: Hacker, Ukraine, Attack, Russian Hacker, Hacking, Security, Nathan McFeters
Blog posts 2008-06-25
Another Trojan hits Mac OS X
From a Slashdot article posted by "kdawson", written by "Don't Believe in Imaginary Property":  "F-Secure is reporting that there are two new Mac OS X trojans. The first is just a proof-of-concept from the MacShadows people that takes advantage of the unpatched ARDAgent vulnerability to get root access when run by...
Tags: Apple Macintosh, Password, Trojan Horse, Apple Mac OS X, Spyware, Spyware, Adware & Malware, Apple Mac OS, Security, Operating Systems, Software, Nathan McFeters
Blog posts 2008-06-25
AV in the cloud... wait, what?
So, in a move that I can't currently understand, Trend Micro CEO Eva Chen has thrown out some buzz words claiming that they will move their anti-virus software into the cloud.  Wait... she said what now?  I'm not really sure what that actually means, because the article is very vague...
Tags: Shutter, Trend Micro Inc., Hacker, Cloud, AV, Hacking, Security, Viruses And Worms, Nathan McFeters
Blog posts 2008-06-24
Stanford University data breach leaks sensitive information of approximately 62,000 employees
A data breach resulting from a stolen laptop has leaked sensitive information including Social Security Numbers of approximately 62,000 as reported by Stanford University former and current Standford University employees.  The Privacy Rights Clearinghouse, a site devoted to the collection of data breach information, reports this number as 72,000, and I'm...
Tags: Sensitive Information, Stanford University, Data, Information, Stanford, Laptop Computer, Kroll, Notebooks, Hardware, Notebooks & Tablets, Nathan McFeters
Blog posts 2008-06-23
90% of all statistics can be made to say anything... 50% of the time, aka my thoughts on the Verizon report
** Update 06/23/2008: I realize I didn't do a very good job of talking about what we're reviewing here.  This is in response to the statistics gathered by Verizon related to Forensic Analysis of Data Breaches over a four year span.  First off, let me...
Tags: Business Partner, Vulnerability, Verizon Communications Inc., Attack, Data Breach, Security, Nathan McFeters
Blog posts 2008-06-22
advertisement

Refining Tags

Security (70 results)
Software (20 results)
Attack (17 results)
Flaw (12 results)
Vulnerability (12 results)
Internet (11 results)
Enterprise Software (11 results)
XSS (10 results)
Operating Systems (10 results)
Software/Web Development (9 results)
Government (9 results)
Hardware (9 results)
Hacker (9 results)
Hacking (9 results)
Software Development (8 results)
Black Hat (7 results)
Viruses And Worms (7 results)
Microsoft Windows (6 results)
Blog (6 results)
Programming Languages (6 results)
Adobe Systems Inc. (6 results)
Java (6 results)
Networking (6 results)
Blogging (6 results)
Microsoft Windows Vista (6 results)
Marketing (6 results)
Human Resources (5 results)
Microsoft Corp. (5 results)
Productivity (5 results)
Cyberthreats (5 results)
PCI (5 results)
Apple Inc. (5 results)
Apple iPhone (5 results)
Researcher (5 results)
Data Management (4 results)
Microsoft Windows Vista (Longhorn) (4 results)
Spyware, Adware & Malware (4 results)
Management (4 results)
McAfee Inc. (4 results)
Applet (4 results)
Tool (4 results)
Airport Security (4 results)
Domain (4 results)
Google Inc. (4 results)
Phishing (4 results)
Web Application (4 results)
Databases (4 results)
Data Execution Prevention (4 results)
Spam And Phishing (4 results)
Identity Theft (4 results)
advertisement