exploit code Resources

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

MS Patch Tuesday heads-up: 11 bulletins, 4 critical: It will be a very busy Patch Tuesday for administrators managing Microsoft Windows computer systems. According to Microsoft's advance notice mechanism, 11 security bulletins will drop next Tuesday (October 14, 2008), covering a wide range of serious vulnerabilities. Four of the 11 bulletins are...; Tags: Vulnerability, Exploit Code, Microsoft Corp., Bulletin, Security, Ryan Naraine; Blog posts 2008-10-09
Who's Dumber: Bad Guys â€¦ Or Good Guys?: Who's Dumber: Bad Guys â€¦ Or Good Guys?Bad guys don't need applauseJust money. So they'll modestly attempt to avoid receiving their due when they compromise systems. I wouldn't assume that not hearing about a success means the success has not occurred.Also, this statement is confusing:Now, we have the...; Tags: SECURITY, flaw, exploit code, Bad Guys, exploit; Discussion threads 2008-08-27
Exploit code published for Apache Tomcat flaw: Exploit code published for Apache Tomcat flawand just how long will it take to get 98% of these servers patched?When I read the % of un-patched open source machines out there..... All I can say is, where is the FUDGuess what, it's software, it'll FUBARSoftware is NOT a Religion!!!!How many...; Tags: OPEN SOURCE, Application servers, Middleware, Apache Software Foundation, Microsoft IIS Server, Apache Tomcat, exploit code; Discussion threads 2008-08-21
Exploit code published for Apache Tomcat flaw: The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available. The code, posted to Milw0rm.com, exploits a directory traversal vulnerability vulnerability in the way Apache Tomcat handles malformed requests. ...; Tags: HTTP, XSS, Apache Software Foundation, Exploit Code, Apache Tomcat, Flaw, Open Source, Application Servers, Middleware, Enterprise Software, Software, Ryan Naraine; Blog posts 2008-08-21
Microsoft makes daring vulnerability sharing move: LAS VEGAS -- Starting in October, Microsoft will start sharing details on software vulnerabilities with security vendors ahead of Patch Tuesday under a daring new program aimed at reducing the window of exposure to hacker attacks. The new Microsoft Active Protections Program MAPP, which will be formally...; Tags: Vulnerability, Security Company, Exploit Code, Microsoft Corp., Security, Ryan Naraine; Blog posts 2008-08-05

Microsoft joins 'patch DNS now' chant; Apple patch missing: On the heels of the release of weaponized exploit code for the DNS cache poisoning vulnerability, Microsoft has joined the chorus of security pros pleading with DNS server providers to immediately apply patches to protect users from malicious attacks. The Redmond, Wash. security...; Tags: Apple Macintosh, DNS, Vulnerability, Apple Inc., Exploit Code, Microsoft Corp., Attack, Dan Kaminsky, Domain Names, Apple Mac OS X, Networking, Security, Internet, Operating Systems, Software, Apple Mac OS, Ryan Naraine; Blog posts 2008-07-25
Code Diffs for DNS Exploit Code: Diffs between revisions of the exploit code released by HDM and |)ruid. Generated by Billy Rios. by Nathan McFeters; Tags: Revision, DNS, Exploit Code, Domain Names, Networking, Internet, Nathan McFeters, diffs, code, Exploit, HDM, |)ruid, Billy, Rios, McFeters, Nate, Nathan, screenshots; Image galleries 2008-07-23
Exploit code released for unpatched IE 7 vulnerability: Exploit code released for unpatched IE 7 vulnerabilityYour picture looks like Google hacked MicrosoftGoogle pages enter unannounced.Can this happen if another window isn't open?or a tab?There has to be somebody looking at the doc model, right?So if one uses IE one window, one website at a time, is this safe?I...; Tags: Web browsers, Construction, Microsoft Internet Explorer, exploit code, Microsoft Internet Explorer 7; Discussion threads 2008-06-30
Exploit code released for unpatched IE 7 vulnerability: Another day, another gaping hole affecting fully patched versions of Microsoft's Internet Explorer browser. According to a warning from US-CERT, proof-of-concept exploit code has been published for a new zero-day bug that can be used for a variety of malicious attacks against Windows users running IE 6,...; Tags: Attacker, Vulnerability, Frame, Microsoft Internet Explorer 7, Domain, Exploit Code, Microsoft Internet Explorer, Web Page, Web Browsers, Internet, Ryan Naraine; Blog posts 2008-06-30
Protecting Web Services From Remote Exploit Code: A Static Analysis Approach: This paper proposes STILL, a real-time, out-of-the-box, signature-free, remote exploit binary code injection attack blocker to protect web servers. STILL is motivated by an important observation that the request messages to web servers are exclusively data and not binary executable code. Since remote exploits are typically binary executable code, this...; Tags: Web Server, Web, Web Service, Server, Association For Computing Machinery, Exploit Code, Analysis, Web Servers, Internet; White papers 2008-04-25
A Data Mining Technique to Detect Remote Exploits: This paper designed and implemented DExtor, a Data Mining based Exploit code detector, to protect network services. The main assumption of the work is that normal traffic into the network services contain only data, whereas exploit code contains code. Thus, the "Exploit code detection" problem reduces to "Code detection" problem....; Tags: Network, Network Service, Data Mining, Exploit Code, Training, DExtor, Workforce Management, Training And Certification, Human Resources; White papers 2007-12-20
Blue Pill Project extends VM rootkit cat-and-mouse tussle: LAS VEGAS - The intellectual cat-and-mouse tussle over hiding and finding virtual machine rootkits has hit a new gear with a team of researchers dismissing the notion of "100 percent undetectable" malware and the release of source code for a new "Blue Pill" rootkit.As previously reported, Thomas Ptacek, co-founder of...; Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Rootkits, Responsible disclosure, Pen testing, Patch Watch, Microsoft, Metasploit, Hackers, Exploit code, Data theft, Browsers, Botnets, Black Hat; Blog posts 2007-08-02
OpenBSD team mocked at first ever 'Pwnie' awards: LAS VEGAS -- The OpenBSD team has won an award for the most spectacular "mishandling" of a critical security vulnerability.Here's why:The OpenBSD team refused to acknowledge the bug as a security vulnerability and issued a "reliability fix" for it. A week later Core Security had developed proof of concept code...; Tags: Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Apple; Blog posts 2007-08-02
Hacker movements: Murphy joins Apple; Caceres to Matasano: LAS VEGAS - On the heels of Google's hire of browser hacking whiz Michal Zalewski comes news that another well-known vulnerability researcher is moving over to the vendor side.Matthew Murphy, an outspoken hacker who is credited with several major flaw discoveries, has confirmed he is joining Apple as a product...; Tags: Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Mozilla, Microsoft, Hackers, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Apple; Blog posts 2007-08-01
Remembering five years of vulnerability markets: Guest Editorial by David EndlerWhile compiling some stats this week for our Zero Day Initiative two year anniversary, I came across this recent news article by the Associated Press, Researchers Seek Cash for Software Flaws. It's the latest in a long line of media coverage on the launch of...; Tags: Botnets, Black Hat, Apple, Zero-day attacks, Wireless, Windows Vista, Wi-Fi security, Vulnerability research, Viruses and Worms, Symantec, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers; Blog posts 2007-08-01
Mozilla fixes its end of URL protocol handling saga: Mozilla has fixed its end of the controversial URL protocol handling vulnerability that puts Windows users at risk of PC takeover attacks.Exactly a week after admitting that Firefox was just as guilty as Internet Explorer when it comes to passing dangerous data to third party applications, the open-source group shipped...; Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Spyware and Adware, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Apple; Blog posts 2007-07-31
Google hires browser hacking guru: Google has snapped up one of the sharpest minds in the hacker community, luring Michal Zalewski to help lock down its long list of Internet facing products.Zalewski, a 26-year-old computer security whiz from Poland, joined the search engine giant about a week ago to work as an Information Security Engineer.He...; Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Mozilla, Microsoft, Metasploit, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat; Blog posts 2007-07-30
Can Trend Micro's botnet identification service make a difference?: Trend Micro today rolled out its SecureCloud software-as-a-service platform with a new Botnet Identification Service BIS to help find botnet command-and-control servers and block communications between them and the zombie PCs they control.Geared towards ISPs and enterprise customers, the botnet ID service can be used to block communication to/from command-and-control...; Tags: Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Rootkits, Responsible disclosure, Punditocracy, Pen testing, Patch Watch, Microsoft, Passwords, Metasploit, McAfee, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets; Blog posts 2007-07-30
German hacker denied entry into U.S. for Black Hat training: Thomas Dullien, a prominent security researcher who has been a fixture at the annual Black Hat security conference, has been denied entry into the U.S. to attend and conduct training at this year's confab.Dullien left, a German reverse engineering whiz known in hacker circles as "Halvar Flake," said he was...; Tags: Zero-day attacks, Windows Vista, Vulnerability research, Viruses and Worms, Responsible disclosure, Pen testing, Patch Watch, Passwords, Microsoft, Metasploit, Hackers, Exploit code, Digital rights management, Data theft, Cisco, Browsers, Botnets, Black Hat; Blog posts 2007-07-29
Code execution hole in Yahoo Widgets: A serious security flaw in an ActiveX control that ships with the Yahoo Widgets could put users at risk of PC takeover attacks.The vulnerability, rated "highly critical" by Secunia, is caused due to a boundary error within the YDPCTL.YDPControl.1 (YDPCTL.dll) ActiveX control when handling the "GetComponentVersion" method. This can be...; Tags: Zero-day attacks, Vulnerability research, Viruses and Worms, Symantec, Spyware and Adware, Spam and Phishing, Responsible disclosure, Pen testing, Patch Watch, Passwords, Open source, Microsoft, Hackers, Google, Firefox, Exploit code, Data theft, Browsers, Botnets; Blog posts 2007-07-27

<< Previous
page 1 of 12
Next >>

Content Types

Blog posts (227 results)

Discussion threads (6 results)

Image galleries (1 results)

White papers (2 results)

Refining Tags

Ryan Naraine (226 results)

Vulnerability research (209 results)

Hackers (196 results)

Data theft (193 results)

Patch Watch (188 results)

Browsers (185 results)

Responsible disclosure (181 results)

Pen testing (174 results)

Botnets (154 results)

Zero-day attacks (153 results)

Viruses and Worms (147 results)

Microsoft (138 results)

Spyware and Adware (126 results)

Metasploit (113 results)

Spam and Phishing (112 results)

Rootkits (98 results)

Open source (97 results)

Firefox (82 results)

Passwords (74 results)

Windows Vista (66 results)

Google (65 results)

Apple (64 results)

Mozilla (58 results)

Microsoft Corp. (48 results)

vulnerability (42 results)

security (41 results)

Digital rights management (39 results)

Privacy (37 results)

Microsoft Windows (35 results)

Punditocracy (33 results)

McAfee (32 results)

Black Hat (29 results)

Symantec (26 results)

Mozilla Firefox (23 results)

Wi-Fi security (19 results)

flaw (18 results)

Microsoft Internet Explorer (17 results)

attack (17 results)

Microsoft Windows Vista (16 results)

Web browser (15 results)

Exploit (15 results)

malware (14 results)

patch management (13 results)

Cisco (13 results)

attacker (12 results)

Google Inc. (12 results)

Apple Inc. (12 results)

Apple Macintosh (11 results)

Piracy (11 results)

Oracle (10 results)

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Fusion

There’s a new energy coming from the people of AMD. Its the power of Fusion.
Learn about the power of fusion at work and the industry-changing impact of accelerated computing.
View AMD video, case studies, blogs, forums, and more on ZDNet »

exploit code

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

Content Types

Refining Tags

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Fusion

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads