- Opera uses Mozilla fuzzer to find, fix severe browser flaw
- Using a JavaScript fuzzer released by Mozilla at Black Hat, Opera's security team has found and fixed a "highly severe" browser flaw that could be used in code execution attacks. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 15, 2007 8:01 AM
More Black Hat on ZDNet
- IBM security strategist: Stop crediting vulnerability brokers
- Gunter Ollman, director of security strategy at IBM Internet Security Systems (ISS), believes there's no real accountability attached to the trading of vulnerability information by third party companies like iDefense... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 8, 2007 1:40 PM
- Greasemonkey script blocks Gmail cookie-theft attacks
- By now, you've probably read about Robert Graham's Black Hat presentation (.pdf) on hijacking Gmail accounts by wirelessly sniffing non-SSL session cookies. The attack technique, called SideJacking, uses two... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 7, 2007 5:28 AM
- Patches in ten f***ing days? Not really, says Mozilla
- Mozilla has moved swiftly to put the kibosh on late-night chatter that it can turn around patches for security flaws within ten f***ing days. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 6, 2007 11:37 AM
- Something uncomfortable about DEFCON's treatment of Dateline NBC reporter
- I don't know about you but after watching the video and reading the reports about DefCon's outing of Dateline NBC producer Michelle Madigan, I came away with an uncomfortable feeling... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 6, 2007 8:12 AM
- Hamster plus Hotspot equals Web 2.0 meltdown!
- Robert Graham (CEO Errata Security) gave his Web 2.0 hijacking presentation to a packed audience at Black Hat 2007 today. The audience erupted with applause and laughter when Graham used... [Read the rest]
- Posted by George Ou in Real World IT on: Aug 2, 2007 2:03 PM
- Blue Pill Project extends VM rootkit cat-and-mouse tussle
- The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 2, 2007 11:11 AM
- OpenBSD team mocked at first ever 'Pwnie' awards
- At the first ever Pwnie Awards announced at the Black Hat Briefings here, a team of well-known researchers picked the OpenBSD team from a list of four software vendors --... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 2, 2007 10:19 AM
- Hacker movements: Murphy joins Apple; Caceres to Matasano
- Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product security engineer. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 1, 2007 11:37 AM
- Remembering five years of vulnerability markets
- GUEST EDITORIAL: David Endler looks back at five years of buying and selling software vulnerabilities and the legal and moral complications that have threatened the marketplace. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Aug 1, 2007 10:09 AM
- Hardware-based rootkit detection proven unreliable
- For years, we've been convinced by companies like Komoku and BBN Technologies that hardware-based RAM acquisition is the most reliable and secure way to sniff out the presence of a... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Mar 2, 2007 8:10 AM
- Maynor demos MacBook Wi-Fi hijack, admits mistakes
- Looking to put to rest one of the most bizarre vulnerability disclosure disputes in recent memory, hacker David Maynor offered an apology for mistakes made, provided a live demo of... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Mar 1, 2007 9:02 AM
- Black Hat RFID talk back on, with deletions
- Chris Paget from IOActive is on stage here at Black Hat DC 2007, going ahead with his talk on RFID security issues. He has promised "not to mention a certain... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 11:11 AM
- Vista's ASLR not so random, but does it matter?
- Symantec is using the spotlight of the Black Hat DC 2007 conference to pick apart the security technologies built into Windows Vista. On the heels of its exposé of weaknesses... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 9:21 AM
- HID denies RFID demo threat, hackers worry
- Black Hat Diary: IOActive's decision to cancel its RFID hacking demo is the main topic of conversation here as white hat hackers ponder the ramifications of a vendor using patent... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 28, 2007 8:10 AM
- RFID security: Black Hat muzzle prevents real discussion
- Ryan Naraine gives details on why a talk about RFID security was canceled at Black Hat. In short, IOActive’s Chris Paget’s plan to explain why RFID technology is “insecure and... [Read the rest]
- Posted by Larry Dignan in Between the Lines on: Feb 27, 2007 9:52 AM
- Legal threat forces cancellation of Black Hat RFID hacking demo
- Another Black Hat conference, another vulnerability disclosure brouhaha. IOActive's Chris Paget's plan to explain why RFID technology is "insecure and untrustworthy" has run into a legal brick wall. [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 27, 2007 6:50 AM
- Researcher issues Oracle DB 'cursor injection' warning
- David Litchfield's ongoing assault on Oracle databases has unearthed a new method of exploiting PL/SQL injection vulnerabilities. Litchfield, co-founder and managing director at NGSS (Next Generation Security Software), plans to... [Read the rest]
- Posted by Ryan Naraine in Zero Day on: Feb 26, 2007 11:42 AM








