(1) Refers to the "actual data" in a packet or file minus all headers attached for transport and minus all descriptive meta-data. In a network packet, headers are appended to the payload for transport and then discarded at their destination. In a key-length-value structure, the key and length are descriptive data about the value (the payload). See protocol stack.
(2) In the analysis of malicious software such as worms, viruses and Trojans, it refers to the software's harmful results. Examples of payloads include data destruction, messages with insulting text or spurious e-mail messages sent to a large number of people.
(2) In the analysis of malicious software such as worms, viruses and Trojans, it refers to the software's harmful results. Examples of payloads include data destruction, messages with insulting text or spurious e-mail messages sent to a large number of people.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2008 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Russia, Georgia and NASA
- Russia, Georgia and NASASelf reliance is a good thingLet's be really glad we're not dependent on Russia for more important things... and yes, I do think that foreign countries should be wary of over-dependence on the US works both ways.I think Bill Nelson has done a good job over the...
- Discussion threads 2008-08-18
- From Metasploit to Microsoft: Skape goes to Redmond
- Metasploit developer Matt Miller, who for years frustrated Microsoft officials with the public release of Windows exploits, is heading to Redmond to join Microsoft's Security Science team. Miller, who uses the hacker moniker Skape,will work on improved ways to find security vulnerabilities and better software defenses through...
- Blog posts 2008-08-18
- CNET's Clientside developer blog serving Adobe Flash exploits
- Yesterday, Websense Labs issued an alert regarding a compromised CNET blog, namely the Clientside developer blog which has been embedded with a malicious javascript code attempting to exploit the visitors through a well known vulnerability in Adobe Flash's player. Websense's alert : "Websense Security Labs ThreatSeeker Network has discovered...
- Blog posts 2008-08-07
- Web worms squirm through Facebook, MySpace
- My colleagues at Kaspersky Lab see disclosure have intercepted two new worms squirming through MySpace and Facebook, using social engineering lures to plant malware on Windows systems. The worms propagate via the comments features on the two popular social networks, using video lures and fake Flash Player...
- Blog posts 2008-07-31
- Tiller Beauchamp on the Recon 2008 conference
- Guest Editorial by Tiller Beauchamp Earlier this month I had the opportunity to present RE:Trace at the Recon conference, a reverse engineering conference held every other year in Montreal, Canada. The conference consisted of three days of training and three days of talks in a single track. Topics...
- Blog posts 2008-07-02
- Sony PlayStation's site SQL injected, redirecting to rogue security software
- The latest high trafficked web site to fall victim into the continuing waves of massive SQL injection attacks courtesy of copycats and the ASProx botnet, is Sony's PlayStation U.S site according to a recent post at SophosLabs's blog : "Researchers at IT security firm Sophos have warned lovers of...
- Blog posts 2008-07-02
- Researcher claims thousands of identities stolen during Social Engineering pentests
- Kelly Jackson Higgins of Dark Reading, reported on research conducted by Joshua Perrymon, hacking director for PacketFocus Security Solutions and CEO of RedFlag Security, who has been performing social engineering exploits for numerous clients in the past year and has apparently stolen thousands of identities with a 100 percent success rate. ...
- Blog posts 2008-07-01
- Apple plugs 25 Mac OS X security vulnerabilities
- Apple has shipped another Mac OS X monster update to fix a total of 25 documented vulnerabilities that could lead to arbitrary code execution attacks. With Security Update 2008-004, Apple fixes code execution flaws in Launch Services, SMB File Server, System Configuration, VPN and WebKit. ...
- Blog posts 2008-06-30
- Car makers are doing all they can, you and I are the problem
- Car makers are doing all they can, you and I are the problem....Not buying it Harry. People didn't buy the more efficient vehicles because they were not marketed with the same "sexy" fervor as the larger and less efficient ones. That is a fact. Almost every car commercial or advertisement...
- Discussion threads 2008-06-18
- Airport security part 3: Planes, trains, and automobiles
- I took a trip home to Michigan this week via Amtrak, and I got to thinking about previous articles I've written about airline security and wondered why are the security concerns so much more lax for trains and cars than they are for planes? There's certainly some obvious...
- Blog posts 2008-06-15
- Flash attack may as well have been zero-day
- Guest Editorial by Dino Dai Zovi It has almost been a week since the Adobe Flash zero-day attack false alarm. Since then, a number of people have called Symantec out as being irresponsible for crying wolf and announcing the raising the ThreatCon without fully researching the vulnerability (Full...
- Blog posts 2008-06-03
- ActiveX control bug bites Creative Labs AutoUpdate engine
- A high-severity security flaw in the Creative Software automatic update engine could put Windows computers at risk of remote code execution attacks, according to a warning from the US-CERT Computer Emergency Readiness Team. The vulnerability affects the software used to provide updates to Creative Labs' audio/video entertainment product line,...
- Blog posts 2008-05-30
- Michael Howard on SQL Injection and my concerns on the most recent attacks
- So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful I just wish he would post more. So, way back on May 16th (old news now, but still...
- Blog posts 2008-05-29
- Adobe Flash drive-by attacks redux
- Adobe has finally issued an almost-definitive statement on the reports of a zero-day attack targeting its flagship Flash Player, suggesting kinda that the vulnerability is already patched. In a progress report posted to the official Adobe PSIRT blog, David Lenoe stops short of making definitive statements on...
- Blog posts 2008-05-28
- 2008 Suzuki XL7 Limited
- The 2008 Suzuki XL7 Limited is about as much crossover SUV as you can get for the money. Its ride quality and cabin materials might not be on a par with those of other models in the segment, but the XL7 Limited does pack an impressive payload of features--including one...
- Product reviews 2008-05-23
- North State Framework (zip)
- The North State Framework NSF is a .Net class library that provides a one-to-one mapping between UML State Machine diagram elements and library classes, so implementation is a direct translation of the design, making code creation a simple process. Together with NSF's built-in utility classes for threading, timers, and tracing,...
- Software downloads 2008-05-23
- Virtualization smackdown: Sun xVM VirtualBox 1.6 vs. VMWare Server 2.0 Beta 2
- Once strictly the domain of software developers and QA engineers, personal and small-business virtualization products are now becoming an attractive solution for entry-level systems consolidation and foreign OS compatibility applications. These solutions run on host operating systems which do not require the overhead or usual high entry cost of professional...
- Blog posts 2008-05-21
- Novell GroupWise 'mailto' URI handler buffer overflow vulnerability
- Researcher Juan Pablo Lopez Yacubian has reported another URI abuse exploit. From Security Focus: Novell GroupWise is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue will allow an attacker to execute...
- Blog posts 2008-04-29
- Developers at fault? SQL Injection attacks lead to wide-spread compromise of IIS servers
- There's been a lot of noise and violent thrashing over the last couple days regarding a flaw that was originally believed to be a flaw in Microsoft's IIS Internet Information Server, but has since been pointed out as simply a well thought out SQL Injection attack. For those of...
- Blog posts 2008-04-28
- Websense: UN, UK sites compromised by JavaScript injection
- Websense: UN, UK sites compromised by JavaScript injectionNo, It's not just you.I've been noticing this trend for a couple of months now. Unfortunatly it's not only the .Gov sites that are getting hit. It appears however, that at least the .Gov sites are some of the few who are...
- Discussion threads 2008-04-23
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- ZDNet News Videos
-
Tech news covering the latest in products, conferences and blog commentary, from ZDNet video.
- Watch the latest video >>
- Intel IT Data Center Efficiency Initiative - Going Green
-
"See how Intel is consolidating down to 8 global data center hubs through the use of consolidation, virtualization and standardization. The initiative is expected to save Intel $1.8B by project completion.
- See how Intel plans to save $1.8 billion >>
- Sports and Technology
-
Major League Baseball pitches new app to iPhone users
At Apple's Worldwide Developers Conference in San Francisco, Jeremy Schoenherr of MLB.com demos At-Bat, a new iPhone app from Major League Baseball.
View the ZDNet video to learn more -
The SF Giants' new hi-tech ballpark
SF Giants CIO Bill Schlough discusses new technology upgrades at AT&T Park and outlines his dual role- managing technology operations at the backend while using hi-tech to improve player performance on the field.
View the ZDNet CIO Vision Series video - From our Sponsors
- Fantasy Football
-
-
3 Great Ways To Play Fantasy Football
Play for free, play to win cash prizes- up to $3500, or customize your own league.
Learn More » -
