Another week, another Adobe security problem, this time in Adobe’s Download Manager. The Adobe Download Manager (DLM) used to download updates from Adobe’s site, but Aviv Raff discovered a vulnerability which would force the Download Manager to download a file of an attacker’s choosing. DLM is supposed to remove itself from [...]
Posts Tagged ‘Vulnerability’
Vulnerability Roundup
February 17th, 2010
No Comments
While they were absent from last week’s roundup, Adobe has returned with advisories in 3 of their products, not surprisingly Flash and Reader, and also BlazeDS which is included in some of their server offerings. The Flash and Reader vulnerabilities share a CVE (CVE-2010-0186) which can allow an attacker to subvert [...]
SecuraBit live tonight with Rob Lee!
February 10th, 2010
No Comments
Join us tonight as we interview Rob Lee where he’ll be discussing his upcoming SANS vLive! course as well as other happenings in the security world….APT.
We should be live around 8pm EST tonight, join us on IRC or listen in live at this link!
If you haven’t taken the Security 508 course yet we have an excellent [...]
Vulnerability Roundup
February 4th, 2010
No Comments
Another week, another Adobe advisory. This time, it’s not reader, but ColdFusion 9 which shipped with a service someone forgot to lock down to the localhost which would allow an attacker to view system information as well as mess with search indexes.
Two advisories from Cisco as well this week, covering two [...]
Vulnerability Roundup
January 27th, 2010
No Comments
Well, it looks like all the big boys are here. Microsoft, Google, Adobe, Cisco, and ISC’s BIND all make this week’s roundup. As mentioned in last week’s roundup, Microsoft released an out-of-band update for vulnerabilities related to the attacks on Google, Adobe and others.
Speaking of Google and Adobe, Chrome 4 Stable has [...]
Vulnerability Roundup
January 20th, 2010
No Comments
The number of vulnerabilities this week isn’t as large as last week, but the impact is certainly much larger. Leading off is the vulnerability used to break into Google’s internal systems, as well as those at more than 30 other Fortune 500 companies. Also included is a link from SANS on what [...]
Vulnerability Roundup
January 13th, 2010
1 Comment
Here are some of the more interesting vulnerabilities or patches from this week. As this is our first roundup, some of these are a little older than a week, but noteworthy nonetheless. This week we have a light Patch Tuesday from Microsoft, but Adobe picks up the slack with patches for a server [...]
SecuraBit Episode 9
September 4th, 2008
3 Comments
On this episode of SecuraBit:
Multiboot Security DVD
Mubix posted an awesome link on his blog to a Multiboot Security DVD that allows you to boot
Google Chrome
September 4th, 2008
No Comments
Google Chrome has generated a lot of press in the day since it was released on Tuesday. It gained over a 1% market share in under 24 hours. Some of
Interesting Security News – 08/29/08
August 29th, 2008
No Comments
Interesting security news for 08/29/08:
White House Imposes New Security Mandate for Federal Agencies (Washington Post) – All government agencies will be required to implement DNSSEC by January 2009.
