In computer security, an unethical or illegal attack that takes advantage of some vulnerability. See zero-day exploit and PoC exploit.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2008 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Storm Worm's Independence Day campaign
- A Storm Worm's Independence Day campaign is circulating online using email as propagation vector, attempting to trick users into visiting a Storm Worm infected host, where a multitude of what looks like over five different exploits attempt to automatically infect the visitors next to the malware binary fireworks.exe. Historically, Storm...
- Blog posts 2008-07-04
- Say it ain't so AVG, say it ain't so: AVG LinkScanner = Badware?
- The Register covered a very interesting story about AVG. Apparently AVG is spamming the Internet with traffic that looks to be coming from Internet Explorer. AVG software pre-crawls search results to try to protect users, but uses a user agent that makes the software appear to be Internet Explorer. This pre-crawling is flooding websites with...
- Blog posts 2008-07-03
- On deck from MS: Four 'important' patches but nothing for IE
- On deck from MS: Four 'important' patches but nothing for IEAm I correct that uninstalling Safari mitigates the problem?I realize it isn't a fix but am I correct in believing that for the time being, removing Safari effectively closes off the only known attack vector that can utilize this vulnerability?...
- Discussion threads 2008-07-03
- On deck from MS: Four 'important' patches but nothing for IE
- Next Tuesday, Microsoft plans to ship four security updates for multiple flaws affecting Windows, Microsoft SQL Server and Microsoft Exchange Server but the absence of fixes for publicly known Internet Explorer issues is causing raised eyebrows among security professionals. According to the company's advance notice for July's...
- Blog posts 2008-07-03
- Apple caught neglecting iPhone security
- Apple caught neglecting iPhone securityApple doesn't really care.I believe that Apple puts security of its products at the bottom of the list, with cool design at the top. All this stuff just proves me right, that sure they have a neat casing and a touch screen, but underneath it...
- Discussion threads 2008-07-03
- Apple caught neglecting iPhone security
- If you're waiting on iPhone 2 to standardize your business on the awesome new device (yeah, I'll be on line to buy one), you might want to pay attention to the conspicuous absence of iPhone security patches over the last four months. As WaPo's Brian Krebs reports,...
- Blog posts 2008-07-03
- NoScript vs. Internet Explorer 8 Filters
- NoScript plugin writer Giorgio Maone posted a commentary on IE 8's new filters, drawing comparisons to his own widely popular NoScript Firefox plugin. Maone writes: I'm happy to learn that IE8 is going to implement a less ambitious version of a feature which NoScript users have enjoyed for more than one...
- Blog posts 2008-07-03
- Tiller Beauchamp on the Recon 2008 conference
- Guest Editorial by Tiller Beauchamp Earlier this month I had the opportunity to present RE:Trace at the Recon conference, a reverse engineering conference held every other year in Montreal, Canada. The conference consisted of three days of training and three days of talks in a single track. Topics...
- Blog posts 2008-07-02
- Anti-malware blocker, cross-site scripting protections coming in IE 8
- When Microsoft's Internet Explorer 8 hits the Beta 2 milestone in August, the browser makeover will feature a full-fledged anti-malware blocker and new protections against some forms of cross-site scripting attacks. The existing phishing filter IE 7 has been renamed SmartScreen Filter and will include blacklist-based blocking...
- Blog posts 2008-07-02
- News to know: Apple patches; Adobe; XP-Vista; Yahoo
- Notable headlines: Ryan Naraine: Apple plugs 25 Mac OS X security vulnerabilities. David Morgenstern: Apple releases Leopard 10.5.4 update Apple update notice. Robin Harris: Why computers fail Adobe: Adobe Advances Rich Media Search on the Web ...
- Blog posts 2008-07-01
- Exploit code released for unpatched IE 7 vulnerability
- Exploit code released for unpatched IE 7 vulnerabilityYour picture looks like Google hacked MicrosoftGoogle pages enter unannounced.Can this happen if another window isn't open?or a tab?There has to be somebody looking at the doc model, right?So if one uses IE one window, one website at a time, is this safe?I...
- Discussion threads 2008-06-30
- Exploit code released for unpatched IE 7 vulnerability
- Another day, another gaping hole affecting fully patched versions of Microsoft's Internet Explorer browser. According to a warning from US-CERT, proof-of-concept exploit code has been published for a new zero-day bug that can be used for a variety of malicious attacks against Windows users running IE 6,...
- Blog posts 2008-06-30
- Goodbye, XP. Hello, Midori
- Goodbye, XP. Hello, MidoriHow great would it be-to have a lean, mean system that would do the basics, and leave some of the add-ons to other companies.Microsoft has blown any chance of Vista ever getting any respect, as the timing of '7' seems almost a stopgap measure. with '7' only...
- Discussion threads 2008-06-30
- HSBC sites vulnerable to XSS flaws, could aid phishing attacks
- What would the perfect phishing attack from a social engineering perspective? The one that compared to using typosquatted domains impersonating the bank's web application directory structure is in fact using the bank's legitimate domain names as redirectors due to XSS flaws within. It's even more interesting to measure the average...
- Blog posts 2008-06-29
- Internet Explorer 'feature' causing drive-by malware attacks
- Internet Explorer 'feature' causing drive-by malware attacksNo surprise hereEver single vulnerability in IE is due to a built in feature.In fact, IE itself can be considered a "zero day" attack friendly vector. The primary point of failure in IT security.what version?what version?RE: Internet Explorer 'feature' causing drive-by malware attacks[i]taking advantage...
- Discussion threads 2008-06-27
- (Photos: iPhone celebrates a year)
- (Photos: iPhone celebrates a year)Unlocking the TroubleDuring your one year review, you neglected to mention the activities surrounding the unlocking of the iPhone, and Apples reaction with a string of updates.This all started out with some bright hackers figuring out an exploit in the software and releasing it on the...
- Discussion threads 2008-06-27
- Internet Explorer 'feature' causing drive-by malware attacks
- My colleague at Kaspersky Lab Roel Schouwenberg see disclosure has discovered a drive-by malware download taking advantage of what Microsoft describes as an Internet Explorer "feature" to launch cross-site scripting attacks. The attack, discovered at a compromised legitimate site, is using a modified GIF file to exploit...
- Blog posts 2008-06-27
- ICANN and IANA's domains hijacked by Turkish hacking group
- ICANN and IANA's domains hijacked by Turkish hacking groupWindows is to blameI hear that the Internet is basically run on Windows servers so it is hardly surprising that this happened. If ICANN would only switch to OS X I'm sure that no hacker would ever be able to break in.As...
- Discussion threads 2008-06-26
- Zero-day flaw haunts Internet Explorer
- Zero-day flaw haunts Internet ExplorerJelloWow, Ryan, that really tells me a lot. What does this vulnerability do? Change my hard drive into Jello?While the information is appreciatedit would have been nice if the headline had included that little number 6. It makes a huge difference.this flaw haunts only OLD Internet...
- Discussion threads 2008-06-26
- Microsoft's multicore strategy
- Microsoft's multicore strategymulticoreinfoA link is provided to this blog on http://www.multicoreinfo.com , the hub for multicore related resources.Moderately talented?"...enables the moderately talented to produce functional software. Enabling Visual Basic programmers to exploit multicore chips is no mean feat."Say what? I use VB because its easier and faster to develop...
- Discussion threads 2008-06-25
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- View exclusive resources for Intel Premier IT Professionals
-
Designed specifically to address the concerns of senior IT managers at organizations with more than 100 employees, the Intel Premier IT Professional Program provides best practices via local and e-Seminars and a members-only Web site.
- Sign-up free and access best practices resources >>
- Learn how collaboration fuels success with this FREE Economist report
-
According to a new study from the Economist, future success belongs to those who collaborate effectively. Learn how successful collaboration can improve profits, problem-solving, and competitive differentiation.
- Visit Cisco's Collaboration Resource Center today!
-
-
Tasty Baking’s new LEED factory
0:57
Tasty Baking CIO: Brendan O’Malley
-
Balancing act: innovation vs. reliability
1:28
Facebook VP of technical operations: Jonathan Heiliger
-
Securing data at E-Loan
1:47
E-Loan CIO: Jay Shah
-
When crops are scarce
1:47
Del Monte Foods CIO: Marc Brown
- View all CIO Vision Series Videos »
