Sponsored White Papers, Webcasts, and Downloads
Additional Resources
- Gaping holes in RealPlayer patched
- Digital media delivery firm RealNetworks has shipped a high-prority patch to cover four gaping holes in its flagship RealPlayer software, warning that the vulnerabilities could put users at risk of code execution attacks. The patch comes a few hours after Secunia released an advisory warning for one...
- Tags: Vulnerability, RealNetworks Inc., RealNetworks RealPlayer, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Ryan Naraine
- Blog posts 2008-07-25
- Microsoft joins 'patch DNS now' chant; Apple patch missing
- On the heels of the release of weaponized exploit code for the DNS cache poisoning vulnerability, Microsoft has joined the chorus of security pros pleading with DNS server providers to immediately apply patches to protect users from malicious attacks. The Redmond, Wash. security...
- Tags: Apple Macintosh, DNS, Vulnerability, Apple Inc., Exploit Code, Microsoft Corp., Attack, Dan Kaminsky, Domain Names, Apple Mac OS X, Networking, Security, Internet, Operating Systems, Software, Apple Mac OS, Ryan Naraine
- Blog posts 2008-07-25
- How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability
- The short answer is being paranoid about tackling a known vulnerability. It's 2001, and Daniel J. Bernstein DJB, author of the then popular djbdns security-aware DNS implementation, is applying basic math principles to raise awareness on what's to turn into the "sky is falling" critical Internet vulnerability in 2008, in...
- Tags: DNS, Vulnerability, Anomaly, Attack, OpenDNS, MaraDNS, NSS, Domain Names, Networking, Internet, Dancho Danchev
- Blog posts 2008-07-25
- Heap-based buffer overflow reported in RealNetworks RealPlayer
- Update 07/25/2008: Aaron Portnoy of TippingPoint's security research group was kind enough to point out that I'm actually not affected by this, since I've installed the newest version of RealPlayer. From Aaron's email: Notice the Secunia advisory states it affects RealPlayer 10.5... the latest is 11.x, which now uses...
- Tags: Vulnerability, RealNetworks Inc., Buffer-overflow, RealNetworks RealPlayer, Secunia Research, Vendor, Digital Music, Digital Media, Personal Technology, Consumer Electronics, Nathan McFeters
- Blog posts 2008-07-25
- News to know: 'Spam king' dead; Microsoft's cloud; Dell;
- Notable headlines: Ryan Naraine: Escapee 'Spam King' dead in apparent murder-suicide CBS Denver Video: 'Spam King' Inmate Dies Along With Wife, Daughter Mary Jo Foley: Ozzie foreshadows 'Zurich,' Microsoft's elastic cloud Microsoft to get more 'Apple-like' in PC,...
- Tags: Larry Dignan
- Blog posts 2008-07-25
- Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
- Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soonTTLSomething I wish I'd asked during the webcast and which I can't quite get my head around:It was said that setting a long TTL doesn't help because of the way delegation works - has to...
- Tags: Domain names, DNS server, TTL, server, Kaminsky
- Discussion threads 2008-07-24
- Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
- I listened to the Black Hat webcast today to grab as much info as I could on this subject. The biggest thing that I heard from the whole talk is that the patch fixes things to a reasonable point, but that long-term, there will have to be more work...
- Tags: CERT, DNS Server, Server, Kaminsky, Dan, Patches, Domain Names, Security, Internet, Nathan McFeters
- Blog posts 2008-07-24
- Is open source hurt by piracy?
- Is open source hurt by piracy?Only hurts Open Source if proprietary is seen as "better"Sounds like what you are saying is for example, that the competition in the office suite space is Open Office Vs MS Office Vs pirated MS Office. Those willing to pirate see both Open Office...
- Tags: Operating systems, open source, piracy, OpenOffice, Microsoft Office, Microsoft Corp., Linux, software
- Discussion threads 2008-07-24
- Forrester: Vista is 'New Coke' in the enterprise; Firefox, Apple gain a little
- Forrester: Vista is 'New Coke' in the enterprise; Firefox, Apple gain a littleNew Coke?Actually, given the way it has been and is being sold, is it not the New Kool-Aid?With Vista selling so well already ...... as shown in revenues from the previous quarter, Microsoft can expect to gain substantially...
- Tags: Microsoft Windows Vista (Longhorn), Operating systems, Mozilla Firefox, Forrester Research Inc., Microsoft Windows Vista, Apple Mac OS X, Mendel, Apple Inc.
- Discussion threads 2008-07-24
- |)ruid and HD Moore release part 2 of DNS exploit
- |)ruid and HD Moore release part 2 of DNS exploitSo, Linux's BIND the first to be exploited...So, Linux's BIND the first to be exploited...Nice work!CoolNate, nice post and analysis!Wasn't the replacing the ns.victim.com cache entry part of the Halvar Flake speculation? I thought first part of the exploit was to...
- Tags: Domain names, NETWORKING, Operating systems, Alecco, DNS, ruid, exploit, HD Moore, Linux
- Discussion threads 2008-07-24
- Attack code published for DNS flaw
- Attack code published for DNS flawIrresponsible and evil"In an IM exchange, Moore told me his exploit takes about a minute or two to poison a DNS cache but said he is working to improve it in version 2.0."As far as i am concerened he is just an evil person to...
- Tags: Domain names, Halvar, exploit, DNS
- Discussion threads 2008-07-23
- Attack code published for DNS flaw
- The urgency to patch Dan Kaminsky's DNS cache poisoning vulnerability just went up a few notches. Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool....
- Tags: Ryan Naraine
- Blog posts 2008-07-23
- iPhone vulnerable to phishing, spamming flaws
- Security researcher Aviv Raff left has discovered a pair of basic design flaws that could turn your iPhone into easy bait for malicious phishing and spamming attacks. According to an advisory from Raff, the iPhone's Mail and Safari applications are susceptible to a URL Spoofing vulnerability which...
- Tags: Apple iPhone, Apple Safari, Vulnerability, Spamming, Flaw, Aviv Raff, Phishing, Spam, Security, Spam And Phishing, Ryan Naraine
- Blog posts 2008-07-23
- McAfee debunks recent vulnerabilities in AV software research, n.runs restates its position
- Several days after blogging about a research conduced by n.runs AG that managed to discover approximately 800 vulnerabilities in antivirus products, McAfee issued a statement basically debunking the number of vulnerabilities found, and providing its own account into the number of vulnerabilities affecting its own products : "A recent...
- Tags: Software, McAfee Inc., Antivirus, Vulnerability, Vendor, Flaw, N.Runs, Dancho, Security, Viruses And Worms, Dancho Danchev
- Blog posts 2008-07-23
- 75% of online banking sites found vulnerable to security design flaws
- In a paper entitled "Analyzing Web sites for user-visible security design flaws" to be published at the Symposium on Usable Privacy and Security meeting at Carnegie Mellon University July 25, Atul Prakash and two of his doctoral students examined 214 financial institutions in 2006, finding that over 75% of all...
- Tags: Bank, Online Banking, Flaw, Security, Financial Services, Dancho Danchev
- Blog posts 2008-07-23
- TTProtect (zip)
- TTProtect is an advanced software protection tool, it protect software against cracker. It absorb the advantages of the other protections, and adding own characteristics, use of a unique anti-tracking methods, make it difficult to debug protected application. TTprotect features Debugger Detection, Anti-Attached, Drx decoding, Code Chaos and confusion, Virtual Machine...
- Tags: Software, TTProtect, Tools & Techniques, Management
- Software downloads 2008-07-23
- Vulnerability disclosure gone awry: Understanding the DNS debacle
- On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky with the help of Black Hat conference organizers invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday." "A synchronized...
- Tags: Black Hat, DNS, Conference, Dan Kaminsky, Thomas Ptacek, Domain Names, Patches, Security, Networking, Internet, Ryan Naraine
- Blog posts 2008-07-22
- SWF Decompiler Magic Free Version (exe)
- SWF Decompiler Magic, a powerful solution that can be used by programmers who need to deal with Flash technology. It is a powerful flash decompiler with the functionality to convert flash files between swf and exe formats and edit SWF movies (dynamic texts, images and more). With this powerful application,...
- Tags: Flash Decompiler Studio, Development Tools, Software Development, Software/Web Development
- Software downloads 2008-07-22
- Has Halvar figured out super-secret DNS vulnerability?
- [ UPDATE: Kaminsky has all but confirmed that, yes, the cat is out of the bag ] It looks very much like the nitty gritty of Dan Kaminsky's super-secret -- and heavily hyped -- DNS cache poisoning vulnerability has been figured out by reverse engineering guru Halvar...
- Tags: DNS, Vulnerability, Server, Referral, Mallory, Domain Names, Networking, Security, Internet, Ryan Naraine
- Blog posts 2008-07-21
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
Intel is working with Microsoft to deliver an integrated, validated solution for notebook and desktop systems that gives users the performance they need for Windows Vista.
Tasty Baking’s new LEED factory
0:57
Tasty Baking CIO: Brendan O’Malley
Balancing act: innovation vs. reliability
1:28
Facebook VP of technical operations: Jonathan Heiliger
Securing data at E-Loan
1:47
E-Loan CIO: Jay Shah
When crops are scarce
1:47
Del Monte Foods CIO: Marc Brown
