thomas ptacek

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Vulnerability disclosure gone awry: Understanding the DNS debacle

On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky with the help of Black Hat conference organizers invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday." "A synchronized...

Tags: Black Hat, DNS, Conference, Dan Kaminsky, Thomas Ptacek, Domain Names, Patches, Security, Networking, Internet, Ryan Naraine

Blog posts 2008-07-22

Researchers pooh-pooh Mac OS X Leopard security

The first independent reviews of the security enhancements in Mac OS X Leopard are in -- and they're not entirely pleasant for the folks in Cupertino. First up is Heise Security's takedown of the new application-based firewall in Leopard, which Apple promises will specify the behavior of...

Tags: Firewall, Apple Macintosh, Network, Leopard, Thomas Ptacek, Firewalls, Apple Mac OS X, Network Security, Apple Mac OS, Security, Operating Systems, Networking, Software, Ryan Naraine

Blog posts 2007-10-30

Additional Resources

Don't doubt Deputy Dan

Well, it would seem that Tom Ptacek may have figured out something to do with Dan Kaminsky's earlier DNS flaw, and this may actually be the vulnerability to fear that we had originally heard.  Let's just say this, I've read Tom's postings on the Matasano blog for quite some time...

Tags: DNS, Domain Names, Networking, Internet, Nathan McFeters

Blog posts 2008-07-08

Kaminsky and Ptacek comment on DNS flaw

Well, well, well, what a day for security news! I got a chance to get the scoop word of mouth from Dan Kaminsky of IOActive (pictured above [image courtesy of quinnums]) and Thomas Ptacek of Matasano pictured below on the DNS flaw that's been all over the...

Tags: DNS, Flaw, Nate, Domain Names, Networking, Security, Internet, Nathan McFeters

Blog posts 2008-07-08

Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08

It would seem there's a bigger story to that MS08-037 flaw that came out for Patch Tuesday today. From Dave Lewis over at the Liquid Matrix security blog: Today Dan Kaminsky released a first, as far as I can recall. A coordinated patch was released today...

Tags: Black Hat, DNS, CERT, Flaw, Mogull, Updates, Domain Names, Networking, Security, Internet, Nathan McFeters

Blog posts 2008-07-08

How Snow Leopard can save Mac OS X from malware attacks

Guest Editorial by Dino Dai Zovi As reported by Intego and Matasano Security, a new local privilege escalation vulnerability has been found that gives local root access on Mac OS X Tiger and Leopard. While Intego calls this a critical vulnerability, I'm mostly with...

Tags: Apple Macintosh, Vulnerability, Malware, Attack, Apple Mac OS X, Apple Mac OS, Spyware, Adware & Malware, Desktops, Cyberthreats, Security, Operating Systems, Viruses And Worms, Software, Hardware, Ryan Naraine

Blog posts 2008-06-23

Apple security team finds code execution holes in Ruby

A member of Apple's security team has discovered multiple serious security vulnerabilities in Ruby, the popular open-source scripting language. According to an advisory on the Ruby project site, Apple's Drew Yao reported at least six of the vulnerabilities, which can be exploited to cause a denial-of-service  condition...

Tags: Team, Vulnerability, Apple Inc., Ruby, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2008-06-20

Mark Dowd's null pointer dereference exploit and advanced Flash ActionScript techiques proove definitively: Aliens Do Exist!

Alright, I'm just going to start out with a little background before I start, this particular research was so cool that I've been talking about it all day.  Reading this whitepaper, written by Mark Dowd, was as exciting to me as watching highlights of Michael Jordan sinking that winning shot,...

Tags: Research, Adobe Systems Inc., Blog, Blogging, Team Management, Internet, Management, Nathan McFeters

Blog posts 2008-04-16

Target-Based TCP Stream Reassembly

In their landmark 1998 paper, "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection," Thomas Ptacek and Timothy Newsham exposed some weaknesses in Intrusion Detection Systems IDS. The authors revealed that intrusion detection systems cannot be effective and accurate because they do not necessarily process, or perhaps, even observe...

Tags: Sourcefire Inc., Intrusion Detection System, TCP, Tcp/Ip, Intrusion Detection, Networking, Network Security, Security

White papers 2007-08-03

Blue Pill Project extends VM rootkit cat-and-mouse tussle

LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit.As previously reported, Thomas Ptacek, co-founder of...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat

Blog posts 2007-08-02

Hacker movements: Murphy joins Apple; Caceres to Matasano

LAS VEGAS - On the heels of Google's hire of browser hacking whiz Michal Zalewski comes news that another well-known vulnerability researcher is moving over to the vendor side.Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product...

Tags: Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-08-01

Let users virtualize Vista because hypervisor rootkits are no threat

Ryan Naraine is on vacation. Guest editorial by Thomas Ptacek Several weeks ago, reports surfaced that the threat of super-sophisticated "hypervisor malware" was preventing Microsoft from allowing their Windows Vista Home Edition operating system from running within virtualization software. Now, Microsoft may have a lot of good reasons for restricting...

Tags: Windows Vista, Vulnerability research, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple

Blog posts 2007-07-05

Blue Pill hacker challenge update: It's a no-go

A quick update to the challenge handed down to hacker Joanna Rutkowska to prove that her Blue Pill technology creates "100% undetectable malware."Rutkowska says she is "ready to accept" the challenge but wants her two-person team to be paid $384,000 ($200 a day each for two people working full-time for...

Tags: Uncategorized

Blog posts 2007-06-29

Rutkowska faces '100% undetectable malware' challenge

At last year's Black Hat security conference, stealth malware researcher Joanna Rutkowska caused a stir with the introduction of Blue Pill, a new technology she claims can create malware that remains "100 percent undetectable."This year, a group of her peers will challenge Rutkowska to prove it, arguing that a...

Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Open source, Microsoft, Metasploit, Hackers, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Apple

Blog posts 2007-06-27

Mac hack challenge sparks (another tired) debate

Like an old grandfather clock, the controversy surrounding last months CanSecWest MacBook hijack contest just keeps on ticking, loud enough to stick in your ear but so monotonous and tiring that its near impossible to perk up and listen. Just as Apple was releasing a patch for the QuickTime flaw,...

Tags: Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Oracle, Open source, Microsoft, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Cisco, Browsers, Botnets, Apple, Spyware and Adware, Viruses and Worms, Vulnerability research, Wi-Fi security, Windows Vista, Zero-day attacks

Blog posts 2007-05-08

MacBook exploit in circulation?

Rumors are flying that packet captures from Dino Dai Zovis MacBook Pro exploit has been swiped and is making the rounds online.An anonymous blogger claims he/she was able to monitor the network at CanSecWest security conference and snag a full packet capture of the contest, which pitted hackers against two...

Tags: Zero-day attacks, Wireless, Vulnerability research, Responsible disclosure, Privacy, Firefox, Wi-Fi security, Pen testing, Patch Watch, Mozilla, Hackers, Exploit code, Data theft, Browsers, Apple

Blog posts 2007-04-25

Month of Apple bugs hacker signs off

The controversial MOAB Month of Apple Bugs project crossed the finish line today with a cryptic "coming soon" note, a promise to release an exploit for a remote kernel vulnerability and a vow from one of the organizers to stop publicizing his flaw findings."My time disclosing exploits is over," said...

Tags: Apple, Apple Macintosh, exploit, Hackers, Responsible disclosure, security, Vulnerability research

Blog posts 2007-01-31