Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- sort by:
- Relevance
- Date
- Popularity
- Black Hat Las Vegas Day 2
- Black Hat Las Vegas Day 2Dowd and SotirovYou mention Dowd and Sotirov's talk in passing. I'm intensely curious to read your take on their presentation when you get an opportunity to review their stuff. Is it on your blogging agenda?GreatSounds like lots of fun. Nice update. Don't know how you...
- Discussion threads 2008-08-09
Additional Resources
- Apple eliminates CanSecWest Pwn2Own flaws
- Apple eliminates CanSecWest Pwn2Own flawsFault EliminationI did see the SVG fix in your article on 10.5.7's release and your relaying of Apple's attribution of discovery to "Nils." Regarding the IE8 issue, this is difficult to research because the signal to noise ratio is real low, but it looks as though...
- Discussion threads 2009-05-14
- Nils2Own: 'I want to see security flaws fixed'
- VANCOUVER, BC -- Charlie Miller may have dominated the headlines but the undisputed champion of this year's CanSecWest Pwn2Own contest was a hitherto unknown hacker who asked to be identified simply as "Nils." A day after his perfect sweep of the breaking into...
- Blog posts 2009-03-23
- Questions for Pwn2Own hacker Charlie Miller
- VANCOUVER, BC -- At the CanSecWest security conference here, I got a chance to sit down with Charlie Miller, the researcher who broke into a fully patched MacBook machine using a Safari code execution vulnerability. We discuss the state of Web browser security, the vulnerability marketplace and...
- Blog posts 2009-03-19
- Pwn2Own hacker contest targets browsers, smart phones
- Pwn2Own hacker contest targets browsers, smart phonesBig correction[i]Alex Sotirov also partnered with Macaulay in 2008 to exploit a Windows Vista vulnerability.[/i]It was not a Vista vulnerability, it was a Flash vulnerability. The [b]only[/b] OS to fall in its out of the box plus fully patched configuration was OS X. Try...
- Discussion threads 2009-02-11
- Pwn2Own hacker contest targets browsers, smart phones
- After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets:Â Web browsers and mobile phones. According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year -- one pitting hackers against...
- Blog posts 2009-02-11
- MD5/rogue CA attack: The sky is not falling
- Guest post by John Viega Today there’s been a lot of buzz about the clever new attack on public key infrastructure from Alex Sotirov and a team of researchers.  In the attack, the bad guy ends up with his own Certification Authority CA that is...
- Blog posts 2008-12-31
- An easy fix ignored
- An easy fix ignoredWhich points out the other obvious flaw...Who identified these CA's as being trustworthy in the first place? No one. They are self-appointed holders of our trust.This was the major criticism of the certificate process in the first place, and the fact that they continue to...
- Discussion threads 2008-12-30
- An easy fix ignored
- Guest post by Chris Eng In the wake of this morning's 25C3 presentation by Alex Sotirov and Jacob Appelbaum, most of the coverage I've read so far has focused on the technical details and real-world impact of their findings. Rightly so -- their paper describing the attack...
- Blog posts 2008-12-30
- SSL broken! Hackers create rogue CA certificate using MD5 collisions
- Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority CA, a breakthrough...
- Blog posts 2008-12-30
- News to know: Cyber attacks; Google; Windows security; Gmail outage
- Notable headlines: Larry Dignan: Georgia turns to Google's Blogger amid Russia onslaught Dancho Danchev: Coordinated Russia vs Georgia cyber attack in progress ZDNet UK: Georgia accuses Russia of co-ordinated cyberattack Video: Defcon: Where feds and hackers rub elbows News.com: Defcon ends...
- Blog posts 2008-08-12
- Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks out
- Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks outNicely doneI appreciate that you took the time to speak with the researcher who actually discovered the flaws.There are a couple of bloggers on ZDNET who always seem slant their "blogs" with grandiose claims against one platform or technology.I think...
- Discussion threads 2008-08-11
- Alarmed about Vista security? Black Hat researcher Alexander Sotirov speaks out
- Earlier today I published a lengthy blog post questioning some of the sensationalist conclusions raised in press coverage of a paper presented by Alexander Sotirov and Mark Dowd at last week’s Black Hat Conference in Las Vegas. This afternoon, I received an e-mail from Sotirov, who says he was "horrified...
- Blog posts 2008-08-11
- Windows security rendered useless? Uh, not exactly
- Windows security rendered useless? Uh, not exactlyOh no!!Another Bott post!!!! I glad there is no more nonsense comparison between two different things.Um, Ed ...... I know you read the paper because I sent you the PDF, but it seems you failed to notice a few things.You accuse me of "alarming...
- Discussion threads 2008-08-11
- Windows security rendered useless? Uh, not exactly
- Oh dear. The Chicken Little contingent is out in full force. Break out your Kevlar helmets, everyone, because the sky is falling on Windows! At last week’s Black Hat conference in Las Vegas, researchers Alexander Sotirov and Mark Dowd presented a paper that outlined some new attack vectors they had...
- Blog posts 2008-08-11
- Windows broken ... I'm surprised it took this long
- Windows broken ... I'm surprised it took this longBest security is to take computers off the NetFor my computers at home, there is now only one that has firewalled access to the Internet. My kids' computers DO NOT. My media server DOES NOT. The PC with my finance stuff and...
- Discussion threads 2008-08-09
- Black Hat Las Vegas Day 2
- Again, sorry for the late updates. Vegas is the kind of place that demands a lot of a person. Too many parties make it difficult to find time to blog on the conference. Pictures of the even are a bit sparse, due to consistently forgetting to bring my camera, but...
- Blog posts 2008-08-09
- Windows broken ... I'm surprised it took this long
- So, in a stroke, two security researchers Mark Dowd of IBM and Alexander Sotirov or VMware at Black Hat have set browser security back 10 years and rendered Vista's security have been rendered useless. by Adrian Kingsley-Hughes
- Blog posts 2008-08-09
- Black Hat Las Vegas Day 1
- Well, this is well late, but here's my recap of Black Hat Day 1. Sorry for the delay, but I've been terribly busy finishing up preparations for my Day 2 talk. The first talk I went to see, "Pointers and Handles, A Story of Unchecked Assumptions...
- Blog posts 2008-08-08
- Black Hat Sneak Preview
- Rob McMillan from IDG interviewed John Heasman and I today about the presentation we will be delivering with Rob Carter at Black Hat Vegas next week. The article has a good teaser about one of the more interesting of the many attacks we will cover, namely what we've coined...
- Blog posts 2008-08-01
- << Previous
- page 1 of 1
- Next >>
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
Meet Doc
-
-
Here to help you with your Document Management Needs
- Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
- To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
-
Produced by
ZDNet and -
