nitesh

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Black Hat Europe 2008

Nate McFeters' pictures of Black Hat Europe 2008 in Amsterdam. by Nathan McFeters

Tags: Black Hat, Nate McFeters, Nathan McFeters, news, Black Hat Europe 2008, Amsterdam, tech action, hackers, Dafydd, Marcus, Rob Carter, Billy Rios, Nitesh

Image galleries 2008-03-26

Additional Resources

Apple plugs gaping holes in Java for Mac

Apple today released Java for Mac OS X 10.5 Update 2 with patches for a total of 25 documented security flaws that could expose Mac users to malicious code execution attacks. Two of the 25 flaws are specific to Apple and could be exploited to launch...

Tags: Apple Macintosh, Apple Inc., Programming Languages, Apple Mac OS X, Java, Desktops, Software Development, Software/Web Development, Operating Systems, Software, Apple Mac OS, Hardware, Ryan Naraine

Blog posts 2008-09-24

Black Hat Las Vegas Day 1

Well, this is well late, but here's my recap of Black Hat Day 1. Sorry for the delay, but I've been terribly busy finishing up preparations for my Day 2 talk. The first talk I went to see, "Pointers and Handles, A Story of Unchecked Assumptions...

Tags: Billy Rios, Black Hat, Cyberthreats, Nathan McFeters, Phishing, Security, Spam, Spam And Phishing, Viruses And Worms

Blog posts 2008-08-08

Airport security part 6: Skimming at airport kiosks

We've talked a lot about airport security here see other links at the bottom of this article, but one thing we haven't covered yet is airport kiosks.  Not that they haven't caught my attention, there's just so much wrong at the airport, it takes time to cover it all.  Richard...

Tags: Credit Card, Airport Security, Airport Kiosk, Stiennon, Sales Channel, Financial Services, Sales, Nathan McFeters

Blog posts 2008-07-28

E-gold owners plead guilty to money laundering

Wow, big morning!  If anyone has seen Nitesh Dhanjani and Billy Rios's talk on phishing and identity theft, which was presented at the last couple Black Hat conferences, and will be on display again at Black Hat Vegas, you know that the identity theft market is a huge problem.  You...

Tags: Flooz, Currency Service, Identity Theft, Phishing, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-07-22

2008 Pwnie Award nominees announced

Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.  From the site: The final list of nominees for the nine Pwnie Award categories is ...

Tags: Attack, Flaw, Lifelock, Nathan McFeters, Nominee, Security, Vulnerability, XSS, XSS Flaw

Blog posts 2008-07-21

Romanian authorities arrest cybercrime suspects

Well, eight days, and a joint effort to help prevent phishing and two major arrests related to identity theft, and I feel like we've made a decent attack on the identity theft culture. Score one for the good guys for once. Just a day after reading...

Tags: Arrest, eBay Inc., Romania, Romanian, Phishing, Identity Theft, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-07-17

Finding the name behind the GMail address

Ah, this is a fun little trick.  I'm not sure if it represents a vulnerability, but certainly I expect Google will try to get rid of this feature.  The SecuriTeam blog has reported that it is possible to expose the full name of the user who registered a GMail account.  ...

Tags: Google Inc., Google Gmail, SecuriTeam Blog, Phishing, E-mail Providers, Cyberthreats, Cloud Computing, Spam, Viruses And Worms, Security, Spam And Phishing, Internet, Nathan McFeters

Blog posts 2008-07-15

Apple hasn't learned from past security mistakes

* Ryan Naraine is on vacation. Guest editorial by Aviv Raff Apple's Safari for Windows is a nice browser. It really is. It has slick user interface, some pretty cool features, and benchmarks show that it is really fast. But, saying that...

Tags: Security, Apple Safari, Apple Inc., Web Browser, Web Browsers, Microsoft Windows, Internet, Operating Systems, Software, Ryan Naraine

Blog posts 2008-07-08

Twitter as a PayPal killer? Umm, not so fast

* Ryan Naraine is on vacation. Guest Editorial by Dan Glass  A recent blog proclaiming that Twitter could soon become a rival to PayPal made me shudder in fear. The blog author postulated that Twitter could offer a method to...

Tags: Payment, PayPal, Twitter, Operational Accounting, Security, Finance, Ryan Naraine

Blog posts 2008-07-07

Black Hat '08 preview webcast on its way

Ladies and gents, For those who hadn't heard, I will be presenting at Black Hat Vegas '08 this year with Rob Carter, John Heasman, and Billy Rios.  Our presentation is called "The Internet is Broken: Beyond document.cookie - Extreme Client Side Attacks", which may sound like a...

Tags: Black Hat, Webcast, Nathan McFeters

Blog posts 2008-06-15

Proof of Concept "carpet bombing" exploit released in the wild

In what appears to be an attempt to provoke Apple to reconsider its currently passive position on the severity of the dubbed as "carpet bomb" flaw, a working Proof of Concept exploit code has been released at Liu Die Yu's security blog : Nitesh Dhanjani discovered that Safari for...

Tags: Desktop, Apple Safari, Vulnerability, Microsoft Internet Explorer, Liu, Microsoft Windows, Web Browsers, Operating Systems, Security, Software, Internet, Dancho Danchev

Blog posts 2008-06-11

Microsoft issues Safari-to-IE blended threat warning

Microsoft has issued a formal security advisory with a confirmation of public warnings that the Safari "carpet bombing" vulnerability presents a remote code execution threat on all supported editions of Windows XP and Windows Vista. The pre-patch advisory from Redmond follows public pressure from the Google-backed StopBadware.org...

Tags: Apple Safari, Microsoft Corp., Microsoft Windows, Web Browsers, Operating Systems, Security, Software, Internet, Ryan Naraine

Blog posts 2008-05-30

Why Apple must fix Safari 'carpet bombing' flaw immediately

Apple makes a big deal -- and lots of funny commercials -- around the security profile of its products.  On the Safari download site,  the boast is that users get "worry-free Web browsing on any computer" because, in Cupertino's words, "Apple engineers designed Safari to be secure from day one."...

Tags: Apple Safari, Vulnerability, Apple Inc., Flaw, Desktops, Microsoft Windows, Security, Hardware, Operating Systems, Software, Ryan Naraine

Blog posts 2008-05-29

Scam calls... something we've forgot about?

I was thinking about the problem of identity theft today and looked back at notes I took during Nitesh Dhanjani and Billy Rios's presentation at Black Hat and Blue Hat recently and I came to the realization that our government should be doing more about this crap. ...

Tags: Do-Not-Call, Credit Card, Phishing, Government, Identity Theft, Sales Channel, Cyberthreats, Financial Services, Spam, Security, Spam And Phishing, Sales, Nathan McFeters

Blog posts 2008-05-27

Apple under pressure to fix Safari 'carpet bomb' flaw

The Google-backed StopBadware.org coalition has called on Apple to rethink its stance on whether the Safari "carpet bomb" issue reported by Nitesh Dhanjani constitutes a serious security risk. Dhanjani originally discovered than it is possible for a booby-trapped Web site to litter the user's Desktop Windows or...

Tags: Apple Safari, Apple Inc., Flaw, Google-backed StopBadware.org Coalition, Security, Spyware, Adware & Malware, Instant Messaging, Cyberthreats, Internet, Online Communications, Ryan Naraine

Blog posts 2008-05-20

Safari "Carpet Bomb" attack information released

Nitesh Dhanjani released information about some of his newest research on the Safari web browser this morning, and interestingly enough, Apple has decided NOT to fix some of the issues he presented. Dhanjani reported three issues, as follows below from his blog: 1. Safari Carpet Bomb.It...

Tags: HTML, Apple Safari, Apple Inc., Issue, Safari Carpet Bomb.It, Security, Nathan McFeters

Blog posts 2008-05-15

Targeted spear phishing attacks

A colleague of mine, Dave Wong, from Ernst & Young's Advanced Security Center in New York, pointed me to a really interesting article on targeted spear phishing attacks by John Markoff of the New York Times.  Phishing has been really interesting to me lately, as I've seen a wave of discussions,...

Tags: E-mail, Attack, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-04-16

Black Hat Europe, Day 4 (Finally): Early wake-up calls always lead to long days

For those of you who had been reading my Day 1, Day 2/Day 3, and Day 2 revisited stories about Black Hat Europe here on ZDNet, I'm sure you were wondering what happened to Day 4, the second day of conferences.  Well, after a long delay, here it is!  Basically, I got caught up...

Tags: Black Hat, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-04-07

Black Hat Europe, Day 2: The day that wasn't and Black Hat Europe, Day 3: Begin the presentations

If you haven't seen it yet, you can check out Day 1 of my coverage of Black Hat Europe 2008 here.  So, for those of you looking forward to a Black Hat Day 2 update with some more from the training sessions... I'm afraid it didn't happen. I had...

Tags: Black Hat, Antivirus, Buffer-overflow, Attack, Breese, Security, Viruses And Worms, Nathan McFeters

Blog posts 2008-03-29