Zero Day

Ryan Naraine and Dancho Danchev

ZDNet Must Read

'0-day exploit middlemen are cowboys, ticking bomb'

Christopher Soghoian asks: What if a weaponized zero-day sold to a foreign government is used against critical infrastructure in the United States?

Read More »

Blogger Info

Ryan Naraine

Bio
Contact

About Zero Day

Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

Mozilla: Firefox can be hacked via booby-trapped images

By Ryan Naraine | February 17, 2012, 11:01am PST

For the second time in a week, Mozilla patches a “critical” vulnerability that could be remotely exploitable and can lead to arbitrary code execution.
Cutwail botnet resurrects, launches massive malware campaigns using HTML attachments

By Dancho Danchev | February 17, 2012, 5:56am PST

Security researchers from M86Security, are contributing the increase in malicious malware campaigns using HTML attachments, to the resurrection of the Cutwail botnet, responsible for spamvertising...
Report: malware pushed by affiliate networks remains the primary growth factor of the cybercrime ecosystem

By Dancho Danchev | February 17, 2012, 5:55am PST

According to FireEye’s recently released “FireEye Advanced Threat Report 2H 2011″ report, malware pushed by affiliate networks, remains among the key growth factors of the...
Anonymous launches 'Operation Global Blackout', aims to DDoS the Root Internet servers

By Dancho Danchev | February 17, 2012, 5:53am PST

The Anonymous hacktivist movement is planning to launch a distributed denial of service attack (DDoS) on the Internet’s root DNS servers, using a Reflective DNS Amplification DDoS tool.
Report: third party programs rather than Microsoft programs responsible for most vulnerabilities

By Dancho Danchev | February 17, 2012, 5:51am PST

According to Secunia’s recently released “Yearly Vulnerability Research Report”, third party applications rather than Microsoft programs are responsible for the majority of...
Google Chrome gets another security makeover

By Ryan Naraine | February 16, 2012, 12:51pm PST

As part of its bug bounty program, Google doled out $6,837 to purchase the rights to information on the Chrome security vulnerabilities.
Apple pushes 'Gatekeeper' to protect Mac OS X from malware attacks

By Ryan Naraine | February 16, 2012, 11:41am PST

The new anti-malware feature works behind the scenes to let Mac users either allow or deny application downloads based on where they come from.
'0-day exploit middlemen are cowboys, ticking bomb'

By Ryan Naraine | February 16, 2012, 10:19am PST

Christopher Soghoian: What if a weaponized zero-day sold to a foreign government is used against critical infrastructure in the United States?
Ted Talk: Avi Rubin - All your devices can be hacked

By Ryan Naraine | February 16, 2012, 6:43am PST

Professor of Computer Science at Johns Hopkins University Avi Rubin talks about the security risks in medical devices and modern cars.
Adobe Flash Player XSS flaw under 'active attack'

By Ryan Naraine | February 15, 2012, 5:13pm PST

Adobe ships a Flash Player patch amidst reports that a universal cross-site scripting flaw “is being exploited in the wild in active targeted attacks.”