vulnerability disclosure Resources

ZDNet Dictionary Definition

Vulnerability Disclosure: Refers to reporting security flaws to vendors and the general public. Normally, vulnerabilities are first reported to the software vendor and then revealed to the public after the vendor...; Full Vulnerability Disclosure Definition >>

ZDNet Resources

Windows security rendered useless? Uh, not exactly: Oh dear. The Chicken Little contingent is out in full force. Break out your Kevlar helmets, everyone, because the sky is falling on Windows! At last week's Black Hat conference in Las Vegas, researchers Alexander Sotirov and Mark Dowd presented a paper that outlined some new attack vectors they had...; Tags: Black Hat, Attacker, Windows Security, Vulnerability, Microsoft Windows Vista, Defense, Memory Protection, Vulnerability Disclosure, Microsoft Windows, Microsoft Windows Vista (Longhorn), Security, Operating Systems, Software, Ed Bott; Blog posts 2008-08-11

Additional Resources

With 256-bit encryption, Acrobat 9 passwords still easy to crack: Following ElcomSoft's claim that despite the 256-bit encryption Acrobat 9 passwords are susceptible to more efficient brute forcing than Acrobat 8 passwords -- a claim that Adobe confirmed citing usability trade-offs and urged users to take advantage of its improved passphrase mechanisms -- ElcomSoft's Dmitry Sklyarov and Vladimir Katalov provide...; Tags: Adobe Systems Inc., Password, Adobe Acrobat, Encryption, Dancho Danchev; Blog posts 2008-12-04
588 Kleiner Perkins iFund developers accidentally leaked to Web: A MySQL file containing contact information, founder bios, business plans, demos and financial information for 588 applicants to Kleiner Perkins's iFund – a $100 million fund to invest in startups building applications for the iPhone – was accidentally posted to the Web and indexed by Google. Kleiner...; Tags: Developer, Web, Kleiner Perkins Caufield & Byers, Fruux, BIOS, Open Source, Databases, Financial Accounting, Hardware, Components, Enterprise Software, Software, Data Management, Finance, Jason D. O\'Grady; Blog posts 2008-12-04
Secunia: Less than 2% of Windows PCs fully patched: It's long been established that the unpatched state of the Windows monoculture is the reason we are facing a malware epidemic. Yet, the latest vulnerability patching statistics from Secunia's PSI Personal Software Inspector is a major eye-opener for everyone tracking the security of the Windows ecosystem. According...; Tags: Program, PC, Malware, Windows PC, Secunia, Spyware, Adware & Malware, Cyberthreats, Microsoft Windows, Desktops, Tools & Techniques, Security, Viruses And Worms, Operating Systems, Software, Hardware, Management, Ryan Naraine; Blog posts 2008-12-04
Slicing up Sun: Being employed by a large technology company and being a freelance technology writer has its pitfalls -- one of which is from a disclosure perspective, I'm not allowed to talk about strategy and forward-looking statements regarding the company I work for. The risk...; Tags: Sun Microsystems Inc., Storage, Open Source, Processors, Servers, Hardware, Semiconductors, Components, Jason Perlow; Blog posts 2008-12-03

E pur se muove (and yet it moves): * Ryan Naraine is traveling. Guest editorial by Ivan Arce On January 15, 2008, the Vatican released a statement indicating that Pope Benedict XVI had canceled his visit to Italian La Sapienza University as a result of a series of protests...; Tags: Information Security, Galileo Galilei, Security, Ryan Naraine; Blog posts 2008-12-02
Vendor claims Acrobat 9 passwords easier to crack than ever: Password recovery software vendor ElcomSoft claims that the password verification mechanism in the new Adobe Acrobat 9 is weaker than the one used in the previous version of Adobe's product, thereby allowing them to improve the brute forcing speed a hundred times faster. The company's claim comes right after Adobe's...; Tags: Adobe Systems Inc., Password, Passphrase, Adobe Acrobat, ElcomSoft, Dancho Danchev; Blog posts 2008-12-02
Breaking the zero-day habit: * Ryan Naraine is traveling. Guest editorial by Mike Rothman Given that this blog is called "Zero Day," I think it's fitting that I'm calling for most security professionals to ignore most of what comes out of the security research community. To be...; Tags: Security Professional, Risks, Security, Ryan Naraine; Blog posts 2008-12-02
Google: no evidence of a Gmail vulnerability: Google: no evidence of a Gmail vulnerabilityGmail problems ignored by google!Apparently my gmail page was hacked and infected by the clickjacking worm/trojan/bot. After months (April? August to date)struggling with an undetectable (by AV/computer pros) clickjacking problem, I infected a new laptop computer by clicking on the link to my sophos...; Tags: E-mail providers, cloud computing, Google Gmail, Google Inc.; Discussion threads 2008-11-27
The verdict: Lori Drew is guilty.: The verdict: Lori Drew is guilty.Yes, she is guilty.... BUTNot of the most serious things that they were trying to convict her of. Really, once ALL the facts came out, you realized that these comments were NOT the cause of Megan's suicide.What was? Her parents lack of support to her...; Tags: Litigation, ECONOMIC HARM, Lori Drew, verdict; Discussion threads 2008-11-26
New worm exploiting MS08-067 flaw spotted in the wild: Microsoft's Security Response Center and McAfee are warning on increased network scanning activity during the last couple of days courtesy of the very latest W32/Conficker.worm exploiting the already patched MS08-067 vulnerability. What's particularly interesting in the latest wave of copycat worms is that W32/Conficker.worm is patching the infected host in...; Tags: Flaw, Malware, Worm, Tool, Cyberthreats, Spyware, Adware & Malware, Viruses And Worms, Productivity, Security, Dancho Danchev; Blog posts 2008-11-26
Why engage in open source FUD?: Why engage in open source FUD?WellWell with a screwed up patent system like you got in the USA where you can patent software code, you are bound to have problems.What FUD needs is a schoolto educate the public, in:What FUD isWho uses FUD past and presentHow to use FUDWho is/are/were...; Tags: FUD, open source; Discussion threads 2008-11-26
Google: no evidence of a Gmail vulnerability: Following the speculations on the resurrection of what's thought to be an already fixed Gmail flaw which could assist in domain name hijackings, yesterday Google commented that their investigation indicated that the recent domain hijacks should be attributed to a phishing campaign, rather than to a Gmail flaw. The phishers...; Tags: Google Inc., Google Gmail, Attacker, Vulnerability, Phishing, Cyberthreats, Spam, E-mail Providers, Security, Viruses And Worms, Spam And Phishing, Internet, Dancho Danchev; Blog posts 2008-11-26
The uncertainties of social media for traditional brands: Guest post: Drew Bartkiewicz is a vice president of Technology and New Media Markets for The Hartford, and author of the upcoming book, Unseen Liability. In today's 24/7 business world, companies and their customers are consuming, sharing and storing data at an unprecedented rate. This data has...; Tags: Web, Brand, Network, Social Media, Tiffany, Web 2.0, Intellectual Property, Internet, Research & Development, Business Operations, Larry Dignan; Blog posts 2008-11-25
iPhone update kills 12 security bugs: Apple has released iPhone OS 2.2 with patches for 12 documented security flaws, some very serious. The vulnerabilities covered by the patch which also affect iPod Touch could allow remote code execution, information theft, software crashes and weakened encryption settings. The skinny on this...; Tags: Apple iPhone, Security, Issue, SMS, Arbitrary Code Execution, Security Bug, Application Termination, Text Messaging/SMS/MMS, Telephony, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Networking, Ryan Naraine; Blog posts 2008-11-21
Gartner tries to scare businesses adopting open source: Gartner tries to scare businesses adopting open sourceYou are wrong, Gartner is correct...My rep has confirmed this for me as well. Open Source is impossible to license and maintain. Thus, the only true solution to IT needs and efficiencies is adopting a Microsoft strategy throughout the entire organization. My rep...; Tags: Gartner Inc., open source, software; Discussion threads 2008-11-20
Non-Disclosure Agreement Template: The Non-Disclosure agreement is a key document to have in place if your organization works with a lot of electronic material or sensitive information of any kind. It can be key in ensuring an organization's documents are not easily compromised. The Non-Disclosure Agreement will also help ensure your...; Tags: Agreement, Non-Disclosure Agreement; Download resources 2008-11-19
Microsoft to deliver free anti-malware to Windows users: Microsoft to deliver free anti-malware to Windows usersI like its adblock and flash block tho.I cannot go on internet without them.Please elaborate......Why do you not like it? I'm not saying your wrong I'm just interested to know.You've got questions, we've got answers:[i]Do you trust Microsoft to provide security software?[/i]No more...; Tags: Cyberthreats, Spyware, adware & malware, Web browsers, Viruses and worms, Microsoft Corp., anti-Malware, UAC, Morro, security, Microsoft Windows; Discussion threads 2008-11-18
Microsoft kills OneCare, replaces it with freebie 'Morro': Microsoft today announced plans to kill its Windows Live OneCare PC care and security suite and replace it with a free anti-malware utility. The new product, code-named "Morro," will be designed for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios...; Tags: PC, Microsoft Windows Live, Malware, Microsoft Corp., Microsoft Windows Live OneCare, Microsoft Windows, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Operating Systems, Software, Ryan Naraine; Blog posts 2008-11-18
Adobe AIR hits 'critical' security turbulence: Buried in today's flurry of feel-good Adobe news is this less flattering nugget: Adobe AIR is vulnerable to several critical vulnerabilities that could expose users to code execution attacks. The company released AIR 1.5 with fixes for previously discussed flaws in Flash Player (which is embedded into...; Tags: Adobe Systems Inc., Adobe AIR, Macromedia Flash Player, Scripting Languages, Security, Software/Web Development, Web Development, Ryan Naraine; Blog posts 2008-11-17

<< Previous
page 1 of 1
Next >>

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Fusion

There’s a new energy coming from the people of AMD. Its the power of Fusion.
Learn about the power of fusion at work and the industry-changing impact of accelerated computing.
View AMD video, case studies, blogs, forums, and more on ZDNet »

vulnerability disclosure

Sponsored White Papers, Webcasts, and Downloads

ZDNet Dictionary Definition

ZDNet Resources

Additional Resources

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Fusion

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads