Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- Patch Tuesday: 7 bulletins, 18 flaws, all critical
- Its an all-critical Patch Tuesday.Microsoft has just released seven advisories -- all rated critical -- with patches for at least 18 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser.Five of the 18 vulnerabilities affect Windows Vista.The batch of updates includes...
- Tags: Apple, Botnets, Browsers, Data theft, Exploit code, Hackers, Metasploit, Microsoft, Open source, Patch Watch, Pen testing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Uncategorized, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks
- Blog posts 2007-05-08
- Botnet herders pounce on Windows DNS RPC flaw
- Online criminals have pounced on the unpatched Windows DNS Server service vulnerability, using the security hole to seed and replenish for-profit botnets.The latest twist in the ongoing attacks comes less than a week after Microsofts pre-patch advisory provided clues for hackers to write and release detailed exploit code.Anti-virus researchers have...
- Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Uncategorized, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets
- Blog posts 2007-04-17
- Oracle Patch Day: 37 flaws fixed
- Oracle has released its quarterly "critical patch update" with fixes for a total of 37 security holes in its database and application server products.The April 2007 CPU addresses a wide range of vulnerabilities affecting the following product lines:* Oracle Database (14 flaws, including one with a CVSS base score of...
- Tags: Vulnerability research, Pen testing, Uncategorized, Responsible disclosure, Patch Watch, Oracle, Metasploit, Hackers, Exploit code, Data theft
- Blog posts 2007-04-17
- Microsoft: Beware of .HLP files
- Microsoft is urging Windows users to be very careful when opening ".hlp" attachments.The warning follows the release of exploit code for possible new zero-day bug in the Microsoft Help subsystem, which is used to display files with the ".hlp" extension. The proof-of-concept code, posted at Milw0rm.com, provides instructions on how...
- Tags: Zero-day attacks, Viruses and Worms, Spam and Phishing, Rootkits, Pen testing, Patch Watch, Microsoft, Hackers, Exploit code, Data theft, Vulnerability research, Uncategorized, Spyware and Adware, Responsible disclosure, Browsers
- Blog posts 2007-04-11
- Microsoft knew of Windows .ANI flaw since December 2006
- A private security research outfit says it notified Microsoft about the animated cursor (.ani) code execution vulnerability since December 2006, a full four months ahead of yesterday's discovery of Internet Explorer drive-by attacks.According to Alexander Sotirov, chief reverse engineer at Determina, his research team discovered and reported the flaw to...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Uncategorized, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets
- Blog posts 2007-03-30
- Black Hat RFID hacking demo threatened
- Another Black Hat conference, another vulnerability disclosure debate.IOActive's Chris Paget's plan to explain why RFID technology is "insecure and untrustworthy" has run into a legal stumbling block after secure card maker HID Corp. raised objections in a letter that claims possible patent infringement.InfoWorld's Paul Roberts is reporting that HID sent...
- Tags: Wi-Fi security, Pen testing, Black Hat, Exploit code, Responsible disclosure, Punditocracy, Cisco, Vulnerability research, Oracle, Hackers, Zero-day attacks, Uncategorized
- Blog posts 2007-02-27
- Symantec: Vista's UAC prompts can't always be trusted
- Microsofts implementation of the UAC user account control mechanism in Windows Vista continues to take a beating from security researchers. Less than a week after Polish hacker Joanna Rutkowska raised an alert for design -- and implementation -- bugs in the default no-admin component, a member of Symantecs Advanced...
- Tags: Black Hat, Data theft, Exploit code, Hackers, Microsoft, Pen testing, Punditocracy, Responsible disclosure, Uncategorized, Vulnerability research, Windows Vista
- Blog posts 2007-02-20
- Sun rushes out patch for Solaris Telnet exploit
- Sun Microsystems has rushed out patches to fix a code execution hole in the Solaris 10/11 telnet daemon (in.telnetd). The companys fix comes just days after a hacker known as "Kingcope" went public with details of the vulnerability, which allows a remote attacker to bypass the Sun Solaris telnet...
- Tags: Exploit code, Hackers, Patch Watch, Pen testing, Responsible disclosure, Uncategorized, Viruses and Worms, Vulnerability research
- Blog posts 2007-02-13
- MS Patch Tuesday: 12 bulletins, 6 critical, 20 vulnerabilities
- Microsoft's Patch Tuesday train rumbled into security central with a full load today: 12 bulletins with patches for at least 20 vulnerabilities in a wide range of widely used software products.Six of the 12 bulletins are rated "critical," Redmond's highest severity rating.As expected, there are fixes for gaping holes...
- Tags: Botnets, Browsers, Data theft, Exploit code, Hackers, Microsoft, Patch Watch, Uncategorized, Viruses and Worms, Vulnerability research, Zero-day attacks
- Blog posts 2007-02-13
Additional Resources
- News to know: DNS flaw; Amazon; Microsoft shakeup; Facebook
- Notable headlines: Ryan Naraine: Researchers borrow from Google PageRank for network defense service Attack code published for DNS flaw Nate McFeters: |)ruid and HD Moore release part 2 of DNS exploit 'Spam King' escapes from federal prison iPhone vulnerable to phishing,...
- Tags: Apple iPhone, Facebook, DNS, Amazon.com Inc., Microsoft Corp., Microsoft Xbox, Flaw, Game Players, Domain Names, Networking, Security, Consumer Electronics, Personal Technology, Internet, Larry Dignan
- Blog posts 2008-07-24
- Parallels releases Parallels Server for Mac
- I almost missed Parallels' announcement of Parallels Server for Mac. I didn't speak with company representatives. All I saw was a press release. It was nearly lost in a huge pile of other mail in my inbox. Although there are several virtual machine software products that support...
- Tags: Apple Macintosh, Operating System, Virtual Machine, Parallels Server, Parallels Management Console, Toolset, Desktops, Apple Mac OS, Desktop Virtualization, Operating Systems, Servers, Hardware, Software, Dan Kusnetzky
- Blog posts 2008-07-24
- |)ruid and HD Moore release part 2 of DNS exploit
- [Updated 07/24/2008: Gallery images of diffs of code revisions has been included and will be updated as things change, see here.] Earlier today, noted researchers |)ruid and HD Moore released exploit code for the Metasploit tool for attacking the DNS flaw that was originally reported by Dan...
- Tags: DNS, Domain, Server, Entry, Exploit, NS, NS Record, Domain Names, Networking, Internet, Nathan McFeters
- Blog posts 2008-07-23
- Attack code published for DNS flaw
- The urgency to patch Dan Kaminsky's DNS cache poisoning vulnerability just went up a few notches. Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool....
- Tags: Ryan Naraine
- Blog posts 2008-07-23
- iPhone vulnerable to phishing, spamming flaws
- Security researcher Aviv Raff left has discovered a pair of basic design flaws that could turn your iPhone into easy bait for malicious phishing and spamming attacks. According to an advisory from Raff, the iPhone's Mail and Safari applications are susceptible to a URL Spoofing vulnerability which...
- Tags: Apple iPhone, Apple Safari, Vulnerability, Spamming, Flaw, Aviv Raff, Phishing, Spam, Security, Spam And Phishing, Ryan Naraine
- Blog posts 2008-07-23
- Super-duper green computers
- If you think about sheer performance-per-watt potential, it's pretty hard to beat a supercomputer. So any company with gargantuan transaction processing needs might want to scout the latest Green500 list for insight. This list was brought to my attention by SGI, which has 11 entries in...
- Tags: SGI Altix, Silicon Graphics Inc., Computer, Altix ICE, UNIX, Databases, Operating Systems, Software, Enterprise Software, Data Management, Heather Clancy
- Blog posts 2008-07-23
- NY gov signs game bill into law
- New York State legislation that will have made it illegal to sell or rent some violent games to minors was signed was signed into law. A bill that will have made it illegal to sell or rent some violent games to minors was signed into law Tuesday by New...
- Tags: Law, Minor, Games, Personal Technology, video games, video game violence, Nintendo DS, New York, Brendan Sinclair, GameSpot
- News items 2008-07-23
- McAfee debunks recent vulnerabilities in AV software research, n.runs restates its position
- Several days after blogging about a research conduced by n.runs AG that managed to discover approximately 800 vulnerabilities in antivirus products, McAfee issued a statement basically debunking the number of vulnerabilities found, and providing its own account into the number of vulnerabilities affecting its own products : "A recent...
- Tags: Software, McAfee Inc., Antivirus, Vulnerability, Vendor, Flaw, N.Runs, Dancho, Security, Viruses And Worms, Dancho Danchev
- Blog posts 2008-07-23
- News to know: Yahoo; VMware; Apple; DNS vulnerability
- Notable headlines: Ryan Naraine: Vulnerability disclosure gone awry: Understanding the DNS debacle RIM ships fix for BlackBerry code execution bug Dancho Danchev: Georgia President's web site under DDoS attack from Russian hackers 75% of online banking sites found vulnerable to security design...
- Tags: Apple iPhone, Google Inc., Larry Dignan, DNS, Yahoo! Inc., Vulnerability, Dana Blankenhorn, Health Care, Apple Inc., VMware Inc., App Store, Banking, Vertical Industries, Domain Names, Benefits, Healthcare, Security, Financial Services, Enterprise Software, Software, Internet, Human Resources
- Blog posts 2008-07-23
- 75% of online banking sites found vulnerable to security design flaws
- In a paper entitled "Analyzing Web sites for user-visible security design flaws" to be published at the Symposium on Usable Privacy and Security meeting at Carnegie Mellon University July 25, Atul Prakash and two of his doctoral students examined 214 financial institutions in 2006, finding that over 75% of all...
- Tags: Bank, Online Banking, Flaw, Security, Financial Services, Dancho Danchev
- Blog posts 2008-07-23
- 90% of Americans 18-28-year-old own a PC
- According to the Forrester Research, although Gen Y is a small generation of 18- to 28-year-olds, comprising only 38 mln US adults, it sets the pace for technology adoption. 90% of Gen Yers own a PC, and 82% own a mobile phone. But it is technology use that sets this...
- Tags: Generation X, Mobile, PC, Generation Y, AM
- Blog posts 2008-07-22
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
According to a new study from the Economist, future success belongs to those who collaborate effectively. Learn how successful collaboration can improve profits, problem-solving, and competitive differentiation.
Tasty Baking’s new LEED factory
0:57
Tasty Baking CIO: Brendan O’Malley
Balancing act: innovation vs. reliability
1:28
Facebook VP of technical operations: Jonathan Heiliger
Securing data at E-Loan
1:47
E-Loan CIO: Jay Shah
When crops are scarce
1:47
Del Monte Foods CIO: Marc Brown
