ZDNet Resources
- High-profile New Zealand websites hacked
- High-profile New Zealand websites hacked "and no one hates Microsoft more than linux fanboys." Eh? How 'bout iFanbois? RE: High-profile New Zealand websites hacked: Had to be a linux fanboy. No one else would commit such a horrible crime and we know what a bunch of ruthless savages linux users can be....
- Tags: Scripting languages, Programming languages, Operating systems, UNIX, SECURITY, OPEN SOURCE, SQL injection, SQL, Linux, High-profile New Zealand website, vulnerability, linux fanboy, fanboy, SQL Injection vulnerability
- Discussion threads 2009-04-21
Additional Resources
- PBS.org hacked, serving malware cocktail
- They must be running linux. yes, they are running Linux. Surprise, Linux is not immune... However, to be fair this hack was likely through some application layer vulnerability, not a Linux exploit, unless the admin is really inept. Most likely a SQL injection attack. Linux nor Windows are really hackable when set up as...
- Tags: UNIX, Operating systems, OPEN SOURCE, malware, Linux, Foxit Reader, PBS
- Discussion threads 2009-09-18
- 55,000 Web sites hacked to serve up malware cocktail
- The key words... "PC users" Another Windows exploit? How can this possibly be happening. According to most of the Windows fan boys on ZDnet, it isn't even necessary to run antivirus with super-secure Windows. Ahh, silly me, I forgot - these 'power users' represent about 0.0000001% of the real world's Windows user base....
- Tags: Spyware, adware & malware, Cyberthreats, Viruses and worms, Web site development, SECURITY, Spyware, malware, Microsoft Windows, malware cocktail, trojan horse, Apple Safari, Web site, Web
- Discussion threads 2009-08-24
- Password-reset flaw haunts WordPress admins
- Open source and PHP at its worst: I cannot fathom the design decisions that went into PHP. Maybe that's because there weren't any. That "language" I use that term in the broadest sense here is accident upon accident, quirk upon quirk, patch upon patch. PHP is a complete mess without a...
- Tags: Scripting languages, PHP, Wordpress
- Discussion threads 2009-08-11
- U.S. Army servers breached by Turkish hackers
- U.S. Army servers breached by Turkish hackers: A question that puzzles me: Why on Earth is an US Army's Ammunition Plant and an US Army Corps of Engineers running insecure software from M$, more precisely Microsoft SQL Server? Presumably there are many other critical US institutions running dangerous software from M$. The...
- Tags: Databases, SECURITY, Servers, server, SQL injection, Turkish Hackers, SQL, Microsoft SQL Server, Microsoft Corp., vulnerability, U.S. Army
- Discussion threads 2009-06-01
- French hacker gains access to Twitter's admin panel
- UPDATE2: Twitter confirms the unauthorized access. UPDATE: The Twitter admin hack appears to be the result of a successful social engineering attack against one of Twitter's employees -- similar attack took place in January this year. Here's a retrospective of the events that took place. ...
- Tags: Hacker, Twitter, Attack, Hacking, Security, Dancho Danchev
- Blog posts 2009-04-30
- Inside Microsoft’s February patch batch
- Inside Microsoft’s February patch batch: MS09-004 Correctly Rated. We applied the KBs related to MS09-003 early this morning via our emergency patching process. However, 09-004 is correctly rated and will receive our standard patch testing. First, internal DB servers are already separated from SQL injection from the outside. Second, the tiered nature...
- Tags: Microsoft Windows Vista (Longhorn), PRODUCTIVITY, Microsoft Windows XP, Long-time, LONG PAUSE, Microsoft Corp.
- Discussion threads 2009-02-11
- Inside Microsoft's February patch batch
- Guest post by Eric Schultze It's a seemingly light batch of patches this month, trailing an even lighter, single patch release in January. Two critical items were released -- including patches for Internet Explorer 7 and Microsoft Exchange Server. Additionally, two "important" items...
- Tags: Microsoft Visio, Attacker, Microsoft SQL Server, Microsoft Exchange Server, Microsoft Internet Explorer 7, Patch Management, Microsoft Corp., MS09-002, MS09-003, MS09-004, MS09-005, Patches, Servers, Security, Databases, Hardware, Enterprise Software, Software, Data Management, Ryan Naraine
- Blog posts 2009-02-11
- Microsoft confirms critical SQL Server vulnerability
- Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line. The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL...
- Tags: Microsoft SQL Server, Vulnerability, Server, Exploit Code, Microsoft Corp., Microsoft SQL Server 2005, Databases, Enterprise Software, Security, Software, Data Management, Ryan Naraine
- Blog posts 2008-12-22
- Acunetix Web Vulnerability Scanner 6.0.20081209 (Windows)
- Audit your website security with Acunetix Web Vulnerability Scanner Hackers are concentrating their efforts on attacking applications in your website: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Web applications are accessible 24 hours a day, 7 days a week and control...
- Tags: Web, Scanner, Vulnerability, Web Application, Microsoft Windows, Web Site, Acunetix, Cloud Computing, Web Site Development, Security, Internet
- Software downloads 2008-12-17
- Microsoft scrambles on IE zero-day; Can move when it wants to
- Microsoft is planning an out-of-band patch for Internet Explorer browser Wednesday as malware attacks escalate. Ryan Naraine has the details: Microsoft is planning to ship an emergency Internet Explorer update tomorrow (December 17) to counter an escalating wave of malware attacks targeting a zero-day browser vulnerability....
- Tags: Malware, Microsoft Internet Explorer, Microsoft Corp., Web Browser, Attack, Ryan Naraine, Web Browsers, Patches, Spyware, Adware & Malware, Security, Viruses And Worms, Internet, Larry Dignan
- Blog posts 2008-12-16
- As attacks escalate, MS readies emergency IE patch
- Microsoft is planning to ship an emergency Internet Explorer update tomorrow (December 17) to counter an escalating wave of malware attacks targeting a zero-day browser vulnerability. [ SEE: Hackers exploiting unpatched IE 7 flaw to launch drive-by attacks ] The out-of-band...
- Tags: Microsoft Internet Explorer, Microsoft Corp., Attack, Microsoft Windows, Web Browsers, Security, Operating Systems, Software, Internet, Ryan Naraine
- Blog posts 2008-12-16
- Black market for zero day vulnerabilities still thriving
- One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released flaws. They'd be wrong. The black market for zero day vulnerabilities and the concept of over-the-counter (OTC) trade of zero day flaws, has been...
- Tags: Web, Vulnerability, Web Application, SQL Injection, Exploit, Day Vulnerability, E-shop, Security, Dancho Danchev
- Blog posts 2008-11-02
- Fortify warns of configuration weaknesses in SOA deployments
- Security code review specialists Fortify Software has issued a warning about major configuration weaknesses affecting SOA (service oriented architecture) deployments from IBM, Microsoft and Apache. According to Fortify, certain configurations of Apache Axis, Apache Axis 2, IBM WebSphere 6.1, Microsoft .NET Web Services Enhancements (WSE) 2.0 and...
- Tags: Apache Software Foundation, SOA, Application Security, Attack, Veracode, Service-Oriented Architecture (SOA), Security, Middleware, Enterprise Software, Web Services, Software, Ryan Naraine
- Blog posts 2008-07-29
- 2008 Pwnie Award nominees announced
- Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on. From the site: The final list of nominees for the nine Pwnie Award categories is ...
- Tags: Attack, Flaw, Lifelock, Nathan McFeters, Nominee, Security, Vulnerability, XSS, XSS Flaw
- Blog posts 2008-07-21
- Ounce Labs finds 2 security vulnerabilities in Spring framework
- Code inspector Ounce Labs has identified two vulnerabilities in the open source Spring framework that exposes their enterprise applications to would-be hackers and hijackers. The two issues, ModelView Injection and Data Submission to Non-Editable Fields, affect only the MVC module of the Spring framework, which is used to...
- Tags: Vulnerability, XSS, Framework, Ounce Labs, Spring, Security, Operational Planning, Databases, Business Operations, Enterprise Software, Software, Data Management, Paula Rooney
- Blog posts 2008-07-16
- David Litchfield on details of one of the critical vulnerabilities from the latest Oracle patch
- More details coming out on the Oracle patches that were released last week, see Ryan Naraine's write up here. David Litchfield, noted security researcher from NGSSoftware, released details of one of the vulnerabilities on the Full-Disclosure email list today, and the details are staggering. The flaw allows potential unauthenticated remote...
- Tags: Oracle Application Server, Oracle Corp., Database Server, Critical Vulnerability, Application Servers, Middleware, Databases, Enterprise Software, Security, Software, Data Management, Nathan McFeters
- Blog posts 2008-07-15
- Symantec says Microsoft Access ActiveX attacks to increase
- Symantec has reported that the Neosploit toolkit has been updated to include attack vectors for the recent Microsoft Access ActiveX vulnerability. Neosploit is a toolkit for sale on the market (price estimates fall between $1500-$3000) that seeks to automate and extend the capability of browser exploits. Symantec...
- Tags: Web, Symantec Corp., Microsoft Access, Vulnerability, Trusted Site, ActiveX Control, Microsoft Internet Explorer, Microsoft Corp., Web Site, Site, Zone, Intranet, Attack, Neosploit, Internet, ActiveX/COM/COM+/DCOM, Web Browsers, Security, Software Development, Software/Web Development, Nathan McFeters
- Blog posts 2008-07-14
- Internet Explorer 'feature' causing drive-by malware attacks
- Internet Explorer 'feature' causing drive-by malware attacks: No surprise here. Every single vulnerability in IE is due to a built in feature. In fact, IE itself can be considered a "zero day" attack friendly vector. The primary point of failure in IT security. what version? what version? RE: Internet Explorer 'feature' causing drive-by malware attacks: taking advantage...
- Tags: Web browsers, Spyware, adware & malware, Cyberthreats, SECURITY, Microsoft Internet Explorer, malware, malware attack
- Discussion threads 2008-06-27
- 90% of all statistics can be made to say anything... 50% of the time, aka my thoughts on the Verizon report
- ** Update 06/23/2008: I realize I didn't do a very good job of talking about what we're reviewing here. This is in response to the statistics gathered by Verizon related to Forensic Analysis of Data Breaches over a four year span. First off, let me...
- Tags: Business Partner, Vulnerability, Verizon Communications Inc., Attack, Data Breach, Security, Nathan McFeters
- Blog posts 2008-06-22