Category: Web Applications

September 8th, 2009

Windows 7, Vista exposed to 'teardrop attack'

Posted by Ryan Naraine @ 1:26 pm

Categories: Arbitrary Code Execution, Botnets, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Metasploit, Microsoft, Responsible disclosure, Viruses and Worms, Vulnerability research, Web Applications, Windows Vista, Zero-day attacks

Tags: Microsoft Windows Vista, Small And Medium Business, Attack, NEGOTIATE PROTOCOL REQUEST, Metasploit, Microsoft Windows, Smb/Sme, Microsoft Windows 7, Microsoft Windows Vista (Longhorn), Operating Systems

[ UPDATE: Microsoft has now confirmed this vulnerability and warns of code execution risk ]

Exploit code for a remote reboot flaw in Microsoft’s implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95.

The demo code, published on the Full Disclosure mailing list, allows an attacker to remotely crash any Windows 7 or Windows Vista machine with SMB enabled.  No user action is required.


August 13th, 2009

Brazilian ID thieves using Twitter as botnet command channel

Posted by Ryan Naraine @ 1:31 pm

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Exploit code, Locally Running Web Servers, Malware, Passwords, Phishing, Social Networking Applications, Spam and Phishing, Spyware and Adware, Viruses and Worms, Web Applications

Tags: Twitter, Spyware, Spyware, Adware & Malware, Financial Services, Security, Ryan Naraine

Arbor Networks security researcher Jose Nazario has stumbled upon a crimeware botnet using Twitter as its command-and-control operation.

The botnet, which is linked to identity thieves in Brazil, uses Twitter status messages to communicate with bots — sending new links for the infected computers to contact and new commands and executables to download and run.


August 12th, 2009

eBay warns of developer password-theft flaw

Posted by Ryan Naraine @ 9:42 am

Categories: Browsers, Data theft, Malware, Passwords, Patch Watch, Privacy, Responsible disclosure, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Web Applications, eBay

Tags: Developer, Password, Flaw, eBay Inc., Kandaswamy, Ryan Naraine

If you are a member of the eBay Developer Program, you might want to change your password immediately.

According to a warning from eBay’s Kumar Kandaswamy, a vulnerability in the service allows malicious hackers to gain information to developer accounts.  The company is strongly encouraging its user base to change passwords to the developer.ebay.com portal.   The flaw does not affect ebay.com accounts.


August 11th, 2009

Microsoft: Exploits likely for 'critical' Windows vulnerabilities

Posted by Ryan Naraine @ 1:01 pm

Categories: Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Data theft, Exploit code, Locally Running Web Servers, Microsoft, Passwords, Patch Watch, Research, Responsible disclosure, Spyware and Adware, Vulnerability research, Web 2.0, Web Applications, Windows Vista

Tags: Windows Vulnerability, Vulnerability, Exploit Code, Microsoft Corp., Microsoft Windows, Security, Operating Systems, Software, Ryan Naraine

Microsoft today dropped a mega patch bundle with fixes for several “critical” vulnerabilities affecting the Windows platform and warned that “consistent, reliable exploit code” was likely to be released within 30 days.

The Redmond, Wash. software maker released nine bulletins — five rated critical — to provide cover for a total of 19 documented security vulnerabilities.   Of the nine updates, eight affect Windows and one affects Office Web Components (OWC).


August 11th, 2009

Password-reset flaw haunts WordPress admins

Posted by Ryan Naraine @ 8:17 am

Categories: Browsers, Complex Attacks, Data theft, Exploit code, Locally Running Web Servers, Open source, Passwords, Patch Watch, Privacy, Responsible disclosure, Vulnerability research, Web Applications

Tags: Administrator, Flaw, Wordpress, Security, Ryan Naraine

Researchers are sounding the alarm for a serious administrator password-reset vulnerability affecting the latest version of WordPress, the popular open-source blog publishing platform.

The flaw, which can be exploited via the browser, gives an attacker a trivial way to compromise the admin account of any WordPress or WordPress MU (multiple user) installation.


August 6th, 2009

Major security holes in popular XML libraries

Posted by Ryan Naraine @ 7:26 am

Categories: Anti Virus, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Hackers, Malware, Passwords, Patch Watch, Pen testing, Phishing, Responsible disclosure, Vulnerability research, Web Applications

Tags: Vulnerability, Server, XML, Security, Software/Web Development, Web Development, Ryan Naraine

A security research outfit has issued a warning for several critical vulnerabilities in popular XML libraries used by a wide range of software vendors.

The flaws, discovered earlier this year by Codenomicon, affect a wide range of technology products, including servers and server applications, workstations and end user applications, network devices,  embedded systems and mobile devices. Vendors affected include Sun Microsystems, the Apache Software Foundation and Python.


August 5th, 2009

Apple warns of Mac attack risk via image files

Posted by Ryan Naraine @ 2:20 pm

Categories: Apple, Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Data theft, Exploit code, Malware, Passwords, Patch Watch, Responsible disclosure, Vulnerability research, Web Applications, Zero-day attacks

Tags: Apple Macintosh, Apple Inc., Arbitrary Code Execution, Image, PNG, Attack, Application Termination, OpenEXR, Ryan Naraine

Apple today warned that opening or viewing image files could lead to remote code execution attacks against Mac OS X users.

In an update that contains fixes for a total of 19 documented vulnerabilities, Apple said malicious hackers could rig PNG (Portable Network Graphics) and other images to take complete control of unpatched Mac systems.


August 5th, 2009

Mozilla shuts online store after security breach

Posted by Ryan Naraine @ 11:53 am

Categories: Browsers, Data theft, Firefox, Malware, Mozilla, Open source, Phishing, Privacy, Web Applications

Tags: Online Store, Mozilla Corp., Mozilla Store, GatewayCDI, Security, Ryan Naraine

The Mozilla Foundation has shuttered its e-commerce store after confirming a security breach at GatewayCDI, the third-party vendor that handles the store’s backend operations.

The open-source group said it has asked GatewayCDI to quickly notify individuals who had their sensitive data compromised. Mozilla did not elaborate on the extent of compromised customer data.


August 3rd, 2009

Twitter turns to Google for help with malware attacks

Posted by Ryan Naraine @ 2:54 pm

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Exploit code, Google, Pen testing, Phishing, Responsible disclosure, Spam and Phishing, Spyware and Adware, Web Applications

Tags: Google Inc., Malware, Twitter, Attack, Safe Browsing API, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

As it scrambles to cope with a noticeable surge in malware attacks targeting its users, Twitter has found a friend in Google.

The popular micro-blogging service has quietly started using the Google Safe Browsing API to block links to known malicious Web sites.


June 15th, 2009

Apple finally patches musty old Java for Mac vulnerabilities

Posted by Ryan Naraine @ 2:05 pm

Categories: Apple, Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Malware, Open source, Passwords, Patch Watch, Pen testing, Vulnerability research, Web Applications, Zero-day attacks

Tags: Apple Macintosh, Vulnerability, Patch Management, Apple Inc., Programming Languages, Java, Software Development, Software/Web Development, Ryan Naraine

Apple has finally released a Java for Mac update to fix multiple security flaws that were patched upstream more than six months ago.

The fix comes three weeks after developers released proof-of-concept code to demonstrate the severity of the flaw and to nudge or embarrass Apple into shipping the patch.

Today’s patch covers the following:


Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.

