pwned

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

HD Moore pwned with his own DNS exploit, vulnerable AT

HD Moore pwned with his own DNS exploit, vulnerable ATOn top of thisIt wasn't HD who was hacked, as Dancho points out. I just want to reiterate that point, as Austin TX was what was hacked. The AT&T DNS servers there were what was hijacked, and unfortunately, HD...

Tags: Internet service providers (ISPs), Games, Domain names, Pwned, game, DNS

Discussion threads 2008-07-30

Additional Resources

Google Chrome vulnerabilities starting to pile up

Google Chrome vulnerabilities starting to pile upGoogle Chrome vulnerabilities starting to pile upFile this in the "No Surprise" category. The shoddy programming at Google which has been reflected on many of their applications and services should come as no surprise to anyone on Chrome. Google is trying to live...

Tags: SECURITY, Google Chrome vulnerability, Google Inc., Google Chrome, vulnerability, Chrome, programming

Discussion threads 2008-09-05

Linux under attack: Compromised SSH keys lead to rootkit

Linux under attack: Compromised SSH keys lead to rootkitLinux under attack: Compromised SSH keys lead to rootkitLOL! And the hits to linux just keep coming! So thats 4 different incidents within a week's time of how badly linux sucks. Poor linus must be hiding under his bed trying...

Tags: Operating systems, UNIX, Rootkits, OPEN SOURCE, Linux, SSH, attack, Compromised SSH, Compromised, Microsoft Windows, rootkit, security

Discussion threads 2008-08-26

iTunes Unlimited: music subscription rumor returns

iTunes Unlimited: music subscription rumor returnsI just don't understandwhy Apple doesn't offer a subscription service. They already have the DRM and authentication services in place. It would cost them very little.But I guess this is Apple. They tell you how you will use their products that you...

Tags: Digital media, music, Apple Inc., Apple iTunes

Discussion threads 2008-08-21

News to know: 64-bit Windows; JavaFX; Net neutrality; Apple

Notable headlines: Ed Bott: Suddenly, 64-bit Windows is mainstream Dear Adobe, can we please have a 64-bit Flash player? Larry Dignan: JavaFX SDK preview launches: Can Sun play the RIA game? Mary Jo Foley: Microsoft launches new search...

Tags: Apple iPhone, Larry Dignan, Broadband, Apple Inc., Net Neutrality, Microsoft Windows, 64-Bit, Network Technology, Operating Systems, Software, Processors, Semiconductors, Hardware, Components, Networking

Blog posts 2008-07-31

HD Moore pwned with his own DNS exploit, vulnerable AT&T DNS servers to blame

A week after |)ruid and HD Moore release part 2 of DNS exploit, HD Moore's company BreakingPoint has suffered a traffic redirection to a rogue Google site, thanks to the already poisoned cache at AT&T servers to which his company was forwarding DNS traffic : "It happened on Tuesday...

Tags: Revenue, Google Inc., DNS, DNS Server, AT&T Corp., Server, Attack, Domain Names, Networking, Security, Internet, Dancho Danchev

Blog posts 2008-07-30

Gaping holes in RealPlayer patched

Gaping holes in RealPlayer patchedReal is feeling threatened by AppleReal doesn't want to lose its title of "Least Secure Media Platform Ever Released" to QuickTime. How anyone can allow either of these programs on their computer is beyond me. You are practically [b]begging[/b] to get pwned.People still use that piece...

Tags: Digital music, Digital media, RealNetworks RealPlayer, Apple QuickTime

Discussion threads 2008-07-25

|)ruid and HD Moore release part 2 of DNS exploit

[Updated 07/24/2008: Gallery images of diffs of code revisions has been included and will be updated as things change, see here.] Earlier today, noted researchers |)ruid and HD Moore released exploit code for the Metasploit tool for attacking the DNS flaw that was originally reported by Dan...

Tags: DNS, Domain, Server, Entry, Exploit, NS, NS Record, Domain Names, Networking, Internet, Nathan McFeters

Blog posts 2008-07-23

News to know: Apple, Crapware; Icahn and Yahoo; Brocade

Notable headlines: Larry Dignan: Apple's Mac shipments surge; Lowballs on outlook; Jobs health worries Adrian Kingsley-Hughes: Apple reports record Q3 08 Does Apple need to announce a post Steve Jobs plan? Dennis Howlett: Apple chaos theory Jason O'Grady: Apple Q3 2008...

Tags: Apple iPhone, Sony Corp., Facebook, Larry Dignan, Yahoo! Inc., Brocade Communications Systems Inc., Apple Inc., Mice, Utility Computing, 3G, Open Source, Hardware, Peripherals, Cellular Phones, Consumer Electronics, Personal Technology

Blog posts 2008-07-22

iPhone 3G Pwned

iPhone 3G PwnedWhy is this tool necessary for iPhone 3G?Since Apple now allows you to install programs on the iPhone, why do people need to jailbreak them? In other words, what can you do with a jailbroken iPhone 3G that you can't do with a regular one?ntuse it on any...

Tags: 3G, Cellular phones, Apple iPhone 3G, Apple iPhone, iPhone 3G Pwned

Discussion threads 2008-07-21

iPhone 3G Pwned

From the "It was only a matter of time" department... Over the weekend, the iPhone Dev Team released PwnageTool 2.0.1, a free jailbreaking and unlocking tool for Apple's iPhone and iPod touch devices – including the iPhone 3G. The new version, which can be downloaded from the...

Tags: Apple iPhone, Apple iPhone 3G, Firmware, jason D. O'Grady, Management, PowerPage, Sparkle AppCast URL, Team Management

Blog posts 2008-07-21

Sony's amazing crapware-free PC

Sony's amazing crapware-free PCWhat's really sad.......is that you didn't bother to read the part where it says Sony quickly changed its mind about charging for crap-free PCs before running your yap.WrongAs John E notes, no customer has ever been charged for this option and the decision to charge was canceled...

Tags: Desktops, Notebooks, Sony Corp., PC

Discussion threads 2008-07-21

Apple hasn't learned from past security mistakes

Apple hasn't learned from past security mistakesTo sum upSafari is insecure because other software has exploits.Do you get dizzy much from spinning so fast?RE: Apple hasn't learned from past security mistakesIt probably has more to do with Apple being used to abiding by what is considered normal security obligations on...

Tags: security, Apple Safari, Apple Inc., security mistake

Discussion threads 2008-07-08

SunSpider JavaScript benchmark and ACID 3 compatibility charts - Firefox 3.0 RC 3 and Opera 9.50 added

SunSpider JavaScript benchmark and ACID 3 compatibility charts - Firefox 3.0 RC 3 and Opera 9.50 addedMy sentiments exactly... ntntToughts? Yeah...IE 7 sucks.My Java 6 in Advanced is pulling off three other java proteges.It seems to be broke-in an in stalled correctly.RE: SunSpider JavaScript benchmark and ACID 3 compatibility...

Tags: Web browsers, Main Thing, Opera Software, Mozilla Firefox, ACID 3 compatibility chart, compatibility chart, ACID 3, SunSpider JavaScript Benchmark, Firefox 3.0 RC 3, Mozilla Firefox 3.0, Opera 9.50, Web browser

Discussion threads 2008-06-16

Apple announces iPhone 3G; firmware 2.0

Apple announces iPhone 3G; firmware 2.03G iPhoneIf I upgrade from my current iPhone to the new 3G iPhone, what happens to my current EDGE iPhone? Can I still use it as a video iPod if there is no SIM card in it? And access email and the...

Tags: Cellular phones, WIRELESS, OOO, iPhone 3G, 3G, Apple announces iPhone 3G, Apple announces iPhone, Apple iPhone, Apple Announces, Apple Inc., firmware, phone

Discussion threads 2008-06-09

Why Apple must fix Safari 'carpet bombing' flaw immediately

Why Apple must fix Safari 'carpet bombing' flaw immediatelyThis is what I am talking aboutSo many Apple fans will tell everyone that Apple is the most secure, but then turn to this blog and say "we never said that". I am not a hater, but I do hate when...

Tags: INTERNET, Tools & Techniques, SECURITY, Apple Inc., Apple Safari, software

Discussion threads 2008-05-29

Motorola RAZR vulnerable, what's up with Motorola's update process?

Update 05/27/2007: One of the comments in the talkbacks (thanks kd5auq!)mentioned that there is no patch to be downloaded for AT&T based Motorola RAZR phones. I've no idea if Motorola currently or formerly supported AT&T based RAZRs, as I'm an iPhone kinda guy, but I'd be curious to see if...

Tags: User Interaction, Motorola Razr, Phone, Vulnerability, Motorola Inc., Text Messaging/SMS/MMS, Telecom & Utilities, Security, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Nathan McFeters

Blog posts 2008-05-27

OS security scorecard for Q1 08 - Do patch numbers mean anything to anyone?

OS security scorecard for Q1 08 - Do patch numbers mean anything to anyone?MSFT VS AppleQuite honestly I don't think it as big a deal anymore. A hole is found and then a patch is sent to our PC's. Big deal. In all the years of owning a PC I...

Tags: Patches, Operating systems, Microsoft Only, patch management, Q1 08, numbers mean, Microsoft Corp., OS Security, operating system

Discussion threads 2008-05-15

Call for military to operate botnet

Call for military to operate botnetI'd volunteer my PCs to help.If they did this above-board, with a SETI screen saver style app we could install deliberately, I'd bet they could have 50 million machines ready to help with this in a matter of weeks.RE: Call for military to operate botnetI'd...

Tags: Internet service providers (ISPs), SECURITY, NETWORKING, Internet Service Provider, attack, Internet

Discussion threads 2008-05-12

Novell GroupWise 'mailto' URI handler buffer overflow vulnerability

Researcher Juan Pablo Lopez Yacubian has reported another URI abuse exploit. From Security Focus: Novell GroupWise is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue will allow an attacker to execute...

Tags: Novell Inc., Researcher, Vulnerability, Buffer-overflow, Novell GroupWise, E-mail Servers, E-mail Clients, Groupware, Viruses And Worms, Security, Enterprise Software, Software, Nathan McFeters

Blog posts 2008-04-29