Unrealistic "Security Advice"
I just read a blog post (no need to direct traffic there with a link) that included the following content: This week, I had the opportunity to interview the hacking teams that used zero-day vulnerabilities and clever exploitation techniques to compromi…
Mozilla deploys Firefox safety net for corporate mindreaders
Security fixes applied to as-yet-undisclosed older builds
Mozilla has pledged to update old versions of Firefox with security fixes, granting enterprises extra time to test and deploy major upgrades of the browser safe in the knowledge that vulnerabili…
Adobe plugs 6 critical holes in Reader
Adobe on Tuesday patched six vulnerabilities in the newest version of its popular Reader PDF viewer, making good on a late-2011 promise when it shipped an emergency update for an older edition.
Microsoft patches critical Windows drive-by bug
Microsoft today shipped seven security updates that patched eight vulnerabilities in Windows and a code library used to protect Web applications from cross-site scripting attacks.
As experts expected, today Microsoft issued the patch it pulled at the l…
Adobe patches critical security holes in Reader and Acrobat
Adobe is plugging critical security holes in its Adobe Reader X and earlier versions for Windows and Macintosh, and Adobe Acrobat X and earlier versions for Windows and Macintosh, as part of its quarterly patch update.
The update includes fixes for two…
Is Your Online Bank Vulnerable To Currency Rounding Attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in them, including bugs that allowed users to take money from other users’ accounts, ma…
Where Will Hackers Strike Next: Transportation?
Practically every industry these days needs to be prepared for some kind of cyber threat, but the nature of the attacks and how the hackers carry out their assaults is ever-changing. Two news stories that popped onto my radar this week point to the dif…
ASP.NET Holiday Patches
It’s the end of 2011 as we know it, and Microsoft feels fine finishing out the year with a handful of out-of-band holiday patches. This round is important not because the vulnerabilities directly impact massive numbers of customers and their online be…