- Opera uses Mozilla fuzzer to find, fix severe browser flaw
- Posted by Ryan Naraine in Zero Day on: Aug 15, 2007 8:01 AM

- Using a JavaScript fuzzer released by Mozilla at Black Hat, Opera's security team has found and fixed a "highly severe" browser flaw that could be used in code execution attacks. [Read the rest]
More Black Hat on ZDNet
- IBM security strategist: Stop crediting vulnerability brokers
- Gunter Ollman, director of security strategy at IBM Internet Security Systems (ISS), believes there's no real accountability attached to the trading of vulnerability information by third party companies like iDefense... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 8, 2007 1:40 PM
- Greasemonkey script blocks Gmail cookie-theft attacks
- By now, you've probably read about Robert Graham's Black Hat presentation (.pdf) on hijacking Gmail accounts by wirelessly sniffing non-SSL session cookies. The attack technique, called SideJacking, uses two... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 7, 2007 5:28 AM
- Patches in ten f***ing days? Not really, says Mozilla
- Mozilla has moved swiftly to put the kibosh on late-night chatter that it can turn around patches for security flaws within ten f***ing days. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 6, 2007 11:37 AM
- Something uncomfortable about DEFCON's treatment of Dateline NBC reporter
- I don't know about you but after watching the video and reading the reports about DefCon's outing of Dateline NBC producer Michelle Madigan, I came away with an uncomfortable feeling... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 6, 2007 8:12 AM
- Hamster plus Hotspot equals Web 2.0 meltdown!
- Robert Graham (CEO Errata Security) gave his Web 2.0 hijacking presentation to a packed audience at Black Hat 2007 today. The audience erupted with applause and laughter when Graham used... [Read the rest]
- Posted by George Ou in Real World IT on: Aug 2, 2007 2:03 PM
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 2, 2007 11:11 AM
- OpenBSD team mocked at first ever 'Pwnie' awards
- At the first ever Pwnie Awards announced at the Black Hat Briefings here, a team of well-known researchers picked the OpenBSD team from a list of four software vendors --... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 2, 2007 10:19 AM
- Hacker movements: Murphy joins Apple; Caceres to Matasano
- Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product security engineer. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 1, 2007 11:37 AM
- Remembering five years of vulnerability markets
- GUEST EDITORIAL: David Endler looks back at five years of buying and selling software vulnerabilities and the legal and moral complications that have threatened the marketplace. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 1, 2007 10:09 AM
- Hardware-based rootkit detection proven unreliable
- For years, we've been convinced by companies like Komoku and BBN Technologies that hardware-based RAM acquisition is the most reliable and secure way to sniff out the presence of a... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Mar 2, 2007 8:10 AM
- Maynor demos MacBook Wi-Fi hijack, admits mistakes
- Looking to put to rest one of the most bizarre vulnerability disclosure disputes in recent memory, hacker David Maynor offered an apology for mistakes made, provided a live demo of... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Mar 1, 2007 9:02 AM
- Black Hat RFID talk back on, with deletions
- Chris Paget from IOActive is on stage here at Black Hat DC 2007, going ahead with his talk on RFID security issues. He has promised "not to mention a certain... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 11:11 AM
- Vista's ASLR not so random, but does it matter?
- Symantec is using the spotlight of the Black Hat DC 2007 conference to pick apart the security technologies built into Windows Vista. On the heels of its exposé of weaknesses... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 9:21 AM
- HID denies RFID demo threat, hackers worry
- Black Hat Diary: IOActive's decision to cancel its RFID hacking demo is the main topic of conversation here as white hat hackers ponder the ramifications of a vendor using patent... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 8:10 AM
- RFID security: Black Hat muzzle prevents real discussion
- Ryan Naraine gives details on why a talk about RFID security was canceled at Black Hat. In short, IOActive’s Chris Paget’s plan to explain why RFID technology is “insecure and... [Read the rest]
- Posted by Larry Dignan in Between the Lines on: Feb 27, 2007 9:52 AM
- Legal threat forces cancellation of Black Hat RFID hacking demo
- Another Black Hat conference, another vulnerability disclosure brouhaha. IOActive's Chris Paget's plan to explain why RFID technology is "insecure and untrustworthy" has run into a legal brick wall. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 27, 2007 6:50 AM
- Researcher issues Oracle DB 'cursor injection' warning
- David Litchfield's ongoing assault on Oracle databases has unearthed a new method of exploiting PL/SQL injection vulnerabilities. Litchfield, co-founder and managing director at NGSS (Next Generation Security Software), plans to... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 26, 2007 11:42 AM


