ZDNet Resources
- Mozilla downplays Zalewski's Firefox flaws
- Hey zkiwi, how does that crow taste? zkiwi claims that Zalewski can't be wrong (http://talkback.zdnet.com/5208-12691-0.html?forumID=1&threadID=34612&messageID=636608) "I guess you think you are smarter than this guy who rates it as critical" Hmm, looks like he was wrong about the Firefox flaws. I guess he isn't so smart after all! No...
- Tags: Web browsers, SECURITY, Zalewski, Mozilla Firefox, Firefox flaw, Mozilla Corp.
- Discussion threads 2007-06-05
- Zalewski is no hero - he's a vandal
- Two words dumb f__k. Agreed The shoe fits...
- Tags: Zalewski
- Discussion threads 2006-04-27
- Zalewski is no hero - he's a vandal
- Larry Seltzer at eWEEK agrees with me about the blatant disregard security researcher Richard Zalewski demonstrated yesterday when he unilaterally decided to disclose a potentially serious security vulnerability in Internet Explorer without providing the information to Microsoft first. Larry's a better man than me and doesn't go so far as...
- Tags: Zalewski
- Blog posts 2006-04-27
- Today's worst person in the (infosecurity) world
- Agreed. Should he be convicted of a criminal offense? The laws against exploits might be sufficient. The case in favor of putting him in jail would be even less ambiguous if his contribution were used to create malware that was spread. I wonder, too, if the report of...
- Tags: SECURITY, Zalewski, Microsoft Corp., high road
- Discussion threads 2006-04-26
- Unpatched IE flaws reported
- *sigh* "It is my experience that reporting and discussing security problems with Microsoft is a needlessly lengthy process that puts too much burden and effort on the researcher's end, especially if you just have a crash case, not a working exploit; hence, they did not get an advance...
- Tags: Web browsers, Now IT, Microsoft Corp., JPEG, Zalewski, security, Mozilla Firefox, Microsoft Internet Explorer
- Discussion threads 2005-07-21
Additional Resources
- iPhone update kills 12 security bugs
- Apple has released iPhone OS 2.2 with patches for 12 documented security flaws, some very serious. The vulnerabilities covered by the patch which also affect iPod Touch could allow remote code execution, information theft, software crashes and weakened encryption settings. The skinny on this...
- Tags: Apple iPhone, Security, Issue, SMS, Arbitrary Code Execution, Security Bug, Application Termination, Text Messaging/SMS/MMS, Telephony, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Networking, Ryan Naraine
- Blog posts 2008-11-21
- Webcam hijack demo highlights clickjacking threat
- ZeroDay/Ryan, you rock This is the best security blog out there. Usually with IT blogs you either get a fast short echo of a release or a delayed lengthy and usually opinionated article. But ZD posts are great technical summaries of disperse information with clear explanations, right...
- Tags: Webcam
- Discussion threads 2008-10-07
- Webcam hijack demo highlights clickjacking threat
- [UPDATE: The details are out. Lots of unresolved clickjacking issues] A security researcher in Israel has released a demo of a "clickjacking" attack, using a JavaScript game to turn every browser into a surveillance zombie. The release of the demo follows last month's...
- Tags: Webcam, Click, Web Browser, Twitter, Raff, Games, Web Browsers, Security, Personal Technology, Internet, Ryan Naraine
- Blog posts 2008-10-07
- Google ships open-source Web security assessment tool
- The Google security team has released a free, open-source Web app security assessment tool capable of flagging vulnerabilities and potential security threats in Internet-facing applications. The tool, called Ratproxy, is described as a passive Web application security audit tool designed to analyze legitimate, browser-driven interactions with tested Web...
- Tags: Google Inc., Web, Web Application, Web Security, Tool, Google Security Team, Productivity, Open Source, Security, Ryan Naraine
- Blog posts 2008-07-01
- Opera accuses Mozilla of irresponsible disclosure
- Opera is too conservative in some regards Often they will update several vulnerabilities, attach a few new features and announce the features, not mentioning the fixes. This could easily mislead the user if they should decide that upgrading is too much hassle to consider upgrading. RE:...
- Tags: Mozilla Corp., Opera Software ASA, Security Fix
- Discussion threads 2008-02-15
- Debating the most influential security folks list
- Ryan Naraine has cooked up a list of the most influential people in security. Here's the list packaged in a slideshow, which is annoyingly set on fast forward. For instance, I viewed two slides, went to the bathroom and by the time I came back the gallery was over (and...
- Tags: Google Inc., Ryan Naraine, Team Management, Security, Management, Larry Dignan
- Blog posts 2008-02-13
- Microsoft slaps bandaid on IE, MS Word
- Microsoft's dominant Internet Explorer browser has undergone a security makeover to correct at least four vulnerabilities that could be used in code execution attacks if a user simply surfs to a maliciously rigged Web page. The cumulative IE update (MS07-057), shipped as part of this month's Patch...
- Tags: Vulnerability, Microsoft Windows Vista, Microsoft Internet Explorer, Microsoft Corp., Bulletin, Flaw, Microsoft Windows, Web Browsers, Microsoft Word, Operating Systems, Microsoft Office, Security, Software, Internet, Office Suites, Ryan Naraine
- Blog posts 2007-10-09
- Apple patches 10 iPhone security holes
- Apple has shipped an iPhone software update to patch 10 different vulnerabilities that could allow malicious hackers to launch executable code, steal e-mail credentials or take control of the device's phone-dialing capabilities. The mega-patch, which shipped today as iPhone v1.1.1, patches seven holes in Safari, a code...
- Tags: Apple iPhone, Apple Safari, Phone, Vulnerability, Apple Inc., Web Browser, E-mail, Bluetooth, Telecom & Utilities, Security, Online Communications, Wireless, Ryan Naraine
- Blog posts 2007-09-27
- Hacker movements: Murphy joins Apple; Caceres to Matasano
- LAS VEGAS - On the heels of Google's hire of browser hacking whiz Michal Zalewski comes news that another well-known vulnerability researcher is moving over to the vendor side. Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product...
- Tags: Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple
- Blog posts 2007-08-01
- Google hires browser hacking guru
- Google has snapped up one of the sharpest minds in the hacker community, luring Michal Zalewski to help lock down its long list of Internet facing products. Zalewski, a 26-year-old computer security whiz from Poland, joined the search engine giant about a week ago to work as an Information Security Engineer. He...
- Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-07-30
- News to know: Google buys PeakStream; VMware as a service; Firefox flaws
- Notable headlines: Google acquires programming toolmaker PeakStream. The Register: Google shivs server crowd with PeakStream buy. Dan Farber: VMware offers virtualization as a service. Ryan Naraine: Mozilla downplays Zalewski’s Firefox flaws. Microsoft security guru: Get fuzzing. ID theft allegations haunt founder of ID theft fraud protection service. Google: Microsoft IIS ‘twice as often’ serving...
- Tags: News to know, General
- Blog posts 2007-06-06
- Mozilla downplays Zalewski's Firefox flaws
- Mozilla security chief Window Snyder is pouring cold water on a claim by an independent researcher that there's a major security hole in the Firefox browser. A day after Michal Zalewski went public with details of Firefox vulnerabilities he thinks could lead to code execution attacks, Snyder responded with a note...
- Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets
- Blog posts 2007-06-05
- Gaping holes exposed in fully-patched IE 7, Firefox
- Polish hacker Michal Zalewski has ratcheted up his ongoing assault on Web browser security models, releasing details on serious flaws in fully patched versions of IE 6, IE 7 and Firefox 2.0. Zalewski, a well-respected security researcher, published demos of four different browser vulnerabilities on the Full Disclosure mailing list, warning...
- Tags: Zero-day attacks, Vulnerability research, Spyware and Adware, Rootkits, Responsible disclosure, Privacy, Pen testing, Patch Watch, Passwords, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Black Hat
- Blog posts 2007-06-04
- iDefense puts $16,000 bounty on critical infrastructure app flaws
- Verisign's iDefense is putting up a $16,000 prize for any hacker who can find a remotely exploitable zero-day flaw in six critical Internet infrastructure applications. The flaw bounty is the largest ever offered by the company's VCP Vulnerability Contributor Program, which buys the rights to vulnerability information from hackers and handles...
- Tags: Botnets, Browsers, Data theft, Digital rights management, Exploit code, Hackers, McAfee, Metasploit, Microsoft, Open source, Passwords, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research, Wi-Fi security, Zero-day attacks
- Blog posts 2007-05-18
- Yet another 'critical' Firefox flaw
- Less than 24 hours before the scheduled release of Firefox 2.0.0.2 as a high-priority browser refresh, a new "critical" vulnerability has been reported by Polish hacker Michal Zalewski. Zalewski, who appears to be running an unofficial MOFFB month of Firefox bugs project, released a demo of a memory corruption issue that...
- Tags: Patch Watch, Zero-day attacks, Microsoft, Browsers, Vulnerability research, Responsible disclosure, Spam and Phishing, Spyware and Adware, Exploit code, Viruses and Worms, Data theft, Open source, Mozilla, Google, Firefox
- Blog posts 2007-02-22