Sponsored White Papers, Webcasts, and Downloads
TechRepublic Resources
- What is cross-site scripting?
- Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. Many users, and even Web developers, aren't entirely clear on what the term means, however. I'll explain cross-site scripting for you, so you...
- Tags: XSS, JavaScript, Web Site, Web Browser, Exploit, Cross-site Scripting Exploit, Cookies, Web Site Development, Internet, Chad Perrin
- Blog posts 2008-03-18
- Study shows viral SSIDs could be creating a massive wireless botnet
- A study of Wi-Fi networking at U.S. airports has revealed a viral SSID attack that is potentially infecting thousands of travelers and opening them up to data leakage on their laptops. The viral SSID attack could also be used by hackers to create a massive wireless botnet in the...
- Tags: Network, SSID, Exploit, Attack, AirTight, Wi-Fi, Wireless, Jason Hiner
- Blog posts 2008-03-05
- Critical vulnerability for XP and Vista proven "highly exploitable"
- On January 8, Microsoft released security bulletin MS08-001, calling it critical but stressing that it would be "difficult and unlikely" to be exploited. Immunity Inc. updated a working exploit on January 29 for the TCP/IP flaw, as spelled out in the January 8 bulletin, and posted a...
- Tags: Symantec Corp., Microsoft Windows XP, Vulnerability, Microsoft Windows Vista, Microsoft Corp., Exploit, Microsoft Windows, Security, Operating Systems, Software, Tricia Liebert
- Blog posts 2008-01-30
- Update on Trojans from multiple Web sites
- Exploits that caused more than 10,000 Web sites to spew malware were orchestrated by a single gang. An excerpt from PC World: The latest problems show that the power of this particular hacking gang appears to be growing since it was identified early last year....
- Tags: Web Server, Web, Search Engine, Trojan Horse, Malware, Web Site, Exploit, Web Servers, Spyware, Adware & Malware, Cyberthreats, Web Site Development, Security, Viruses And Worms, Internet, Arun Radhakrishnan
- Blog posts 2008-01-15
- LinkScanner Pro (exe)
- LinkScanner Pro provides automatic real-time analysis of network traffic and web site content to protect you from a wide range of online threats including malicious content, phishing, social engineering, and targeted software exploits (including zero-day attacks)- so there's no need to worry whether you have the latest patches installed. Your...
- Tags: Paid Search, Exploit, LinkScanner Pro, Search, Phishing, Security, Spam And Phishing
- Software downloads 2007-09-07
- Why there's no such thing as a zero-day vulnerability
- The term "zero day" (or "0-day" or "0day") is getting a lot of use these days. Much of the time, it's being used incorrectly. Even in venues generally frequented by knowledgeable people -- familiar with the important facts of IT security -- such as the bugtraq mailing list, I see...
- Tags: Software, Vulnerability, Patch, Exploit, Security, Chad Perrin
- Blog posts 2007-10-06
- Weekly malware round-up
- Proliferation of images and video on the Net are making it easier to embed exploits by using media as a camouflage around malicious code. Four exploits discussed below are doing just that. YouTube, with all its popularity, presents one brimming opportunity to affect...
- Tags: Malware, Exploit, SecurityFocus, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Arun Radhakrishnan
- Blog posts 2007-06-22
- Use Metasploit Framework to develop functional exploits faster and with less effort
- The security tool Metasploit Framework MSF was the first open-source and freely available exploit development framework, and since 2003, it has grown to be one of the security community's most popular tools. Investigate the usefulness of the Metasploit project suite of tools while bridging the gap between exploitation theory and...
- Tags: Security, Exploit, Tool, Productivity
- Book chapters 2007-06-15
- SolutionBase: Protect your workstation with Windows XP SP2's Data Execution Prevention technology
- With all of the viruses, spyware, and other exploits running around the Internet, wouldn't it be nice if the computer could protect itself a little bit? Using XP SP2's DEP feature, it just might be able to. Greg Shultz explains how it works. by Greg Shultz
- Tags: screenshots, Microsoft Windows XP Service Pack 2, TechRepublic Inc., Workstation, Microsoft Windows XP, Service Pack 2, Microsoft Windows, Data Execution Prevention, Greg Shultz
- Image galleries 2007-06-18
- Weekly malware round-up
- Beware of people who don't know what they're talking about.Take away: This "exploit" claim is completely bogus nonsense.SANS ISC handler Lorna Hutcheson says (1)(2):[b][i]"...its interesting and scary to find a file that acts like a regular gif file, but contains a script exploit..."[/i][/b]-and-[b][i]"...The second idea, but completely untested at this...
- Tags: Scripting languages, malware, TechExec2, PHP, GIF, exploit, server
- Discussion threads 2007-06-22
- Microsoft releases six security bulletins for April
- For April's Patch Tuesday, Microsoft released five security bulletins, rating four of them as critical -- and that's in addition to the critical security bulletin it released a week earlier. John McCormick tells you what you need to know about all of April's security bulletins. After canceling March's Patch...
- Tags: Microsoft Corp., John McCormick, Microsoft Windows, security bulletin, vulnerability, security, Privilege Vulnerability, IT Locksmith Newsletter, Version, Workaround, Microsoft Windows Vista, Threat, Exploit, CMS Memory Corruption Vulnerability, Operating Systems, Software
- Technical articles 2007-04-13
- Technologia: A travel log of Zangamarsh in the World of Warcraft
- The Burning Crusade, the first expansion to the ever-popular World of Warcraft, contains many strange new lands for players to explore. After questing in the Hellfire Peninsula, the next most likely place for adventuring is the area known as Zangamarsh. If you like wetlands, exotic wildlife, and especially psychotropic mushrooms,...
- Tags: Zangamarsh, Technologia, exploit, leader
- Image galleries 2007-06-08
- Get up to speed on Microsoft's February security bulletins
- February was a busy month for Microsoft. The software giant released a dozen security bulletins, half of which it rated critical. Last time, John McCormick reviewed Microsoft's six critical security bulletins for February. This time, he'll bring you to speed on the remaining six bulletins, which address important threats. ...
- Tags: Microsoft Corp., John McCormick, Microsoft Windows, security, Microsoft Security, Interactive Training Vulnerability, Microsoft Security Bulletin, important threat, security bulletin, exploit, IT Locksmith Newsletter, Version, Threat, Mozilla Corp., Secunia, February, Microsoft Knowledge Base Article 924667, Operating Systems, Software
- Technical articles 2007-02-26
- Finding Diversity in Remote Code Injection Exploits
- Remote code injection exploits inflict a significant societal cost, and an active underground economy has grown up around these continually evolving attacks. This paper presents a methodology for inferring the phylogeny, or evolutionary tree, of such exploits. The paper has applied this methodology to traffic captured at several vantage points,...
- Tags: Methodology, Association For Computing Machinery, Exploit
- White papers 2006-10-27
- Anatomy of an animated cursor attack
- Earlier this week, Microsoft shipped an emergency out-of-band patch to block zero-day attacks against a code execution hole in the way Windows handles animated cursor (.ani) files. This gallery provides a visual look at elements of the hacker attacks, including malicious Web sites, the exploit in action and the...
- Tags: Hacking, SECURITY, hacker attack, anatomy, zero-day bug, exploit, attack, Web site, Web, Microsoft Corp.
- Image galleries 2007-04-06
- Metasploit Reloaded
- HD Moore's open-source Metasploit Framework has been rewritten from scratch and released with 177 exploits, 104 payloads and new modules to exploit Wi-Fi driver vulnerabilities in the Windows kernel.In addition to hundreds of exploits and payloads, Moore said Metasploit 3.0 also ships with 30 auxiliary modules to perform tasks like...
- Tags: HD Moore, payload, See Ryan Naraine, denial of service, exploit, Wi-Fi, open source, Microsoft Windows
- Image galleries 2007-03-27
- Microsoft fights with researcher over Full Disclosure
- Ryan Naraine has taken Microsoft to task for refusing to officially credit security researcher Cesar Cerrudo for finding a privilege escalation exploit in Windows XP which was disclosed on the MoKB project late last year. Microsoft isnt pretending that Cerrudo never discovered the bug or never shared the information;...
- Tags: Vista, Security, Microsoft, Desktop
- Blog posts 2007-04-09
- Firefox ANI exploit on the way - no protected mode
- Determina is previewing a version of the ANI exploit that will hijack Mozilla Firefox 2 as well as Internet Explorer 7 running on Vista with default DEP settings mostly turned off. DEP could have stopped this exploit from running, but its turned off for most applications in Windows by default....
- Tags: Vista, Security, Browsers
- Blog posts 2007-04-03
- Microsoft releases five critical security bulletins for November
- For November's Patch Tuesday, Microsoft released six security bulletins, rating five of them as critical. In this edition of the IT Locksmith, John McCormick has the details about this month's security bulletins. For this month's Patch Tuesday, Microsoft released six security bulletins, five of which it's rated as...
- Tags: Microsoft Corp., John McCormick, security, vulnerability, Microsoft Security Bulletin, Microsoft Security, Microsoft Internet Explorer, security bulletin, IT Locksmith Newsletter, Microsoft Windows XP, Service Pack 2, Threat, Exploit, Bulletin, CVE-2006-4687, Microsoft Windows, Microsoft Windows XP Service Pack 2, Operating Systems, Software
- Technical articles 2006-11-20
- Get up to speed on Microsoft's August security bulletins
- August has been a busy month for Microsoft. The software giant released 12 security bulletins, nine of which it rated critical—collectively fixing 10 Windows flaws and three Office threats. Last time, John McCormick told you the four bulletins you needed to worry about most. In this edition of the IT...
- Tags: Microsoft Corp., John McCormick, Microsoft Windows, Microsoft Windows Server 2003, Microsoft Outlook, Domain names, Groupware, active exploit, critical threat, security, vulnerability, security bulletin, exploit, IT Locksmith Newsletter, Version, Microsoft Windows 2000, Microsoft Windows Server, Workaround, Threat, August, Operating Systems, Software
- Technical articles 2006-08-21
Harnessing the power of waves
Planting solar gardens
Fill your car for $1.10 a gallon?