Search Results for: adobe

Forever Day Vulnerability Affects All Windows Versions

by

Forever Day is a play on the “Zero-day” vulnerability which means the application vulnerability has not been patched and can be hacked. Forever-day now means it is always vulnerable (unless the software vendors figure out a patch), although it may be a configuration problem.   Dark reading has the story: http://www.darkreading.com/endpoint/new-security-flaw-spans-all-versions-of-windows/d/d-id/1319884 The most interesting paragraph: … Read more

Patching Software “Security” Dilemma

by

We have a dilemma when deciding how and when to patch the software we depend on. Not all vulnerability patches are built to fix the problems they were set to resolve without causing any other problem.  Picture is from #TheHackerNews How do we resolve this while also realizing that the window to patch our software … Read more

Fear The Killer Malware

by

Killer Malware…  what does it mean?  When is it coming? It means a distributed spam network (hard to blacklist)   (as John Stewart from Cisco mentioned http://oversitesentry.com/john-stewart-cisco-security-exec-interviewed-by-bloomberg/ ) A Zero-day malware included in well written (targeted) spam.  Like the Flash vulnerability that just came out. https://nakedsecurity.sophos.com/2015/01/23/adobe-issues-emergency-fix-for-flash-zero-day/   And then we come to the “Killer” part, Ransomware … Read more

Patches? “We don’t need those stinkin’ Patches”

by

Yet another Adobe Flash patch is out: Here is where they are all located: http://helpx.adobe.com/security.html Yesterday 2 patches (fixing vulnerabilities found) were released http://helpx.adobe.com/security/products/flash-player/apsa15-01.html “Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.  We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems … Read more

Set-Up Proper Internet Security

by

While reading the ~20 blogs this morning the one from F-Secure hit home: http://community.f-secure.com/t5/BSB-Blog/Why-Internet-security-should/ba-p/65567 Elija is discussing why we should have Internet security: “The 24/7 work culture is also one reason for using the same devices both for work and for leisure. This in turn may lead to a situation where social media activities and … Read more