Post-pumpkin Patch Tuesday: What’s in store for November
There has been a lot of activity since October’s Patch Tuesday. During that short period of time, Oracle released its quarterly CPU, including an update for Java JRE; Adobe …
Google warns of actively exploited Windows zero-day
Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7255) that is being actively exploited in the wild. According to Neel Mehta and …
Android apps based on Adobe AIR SDK send out unencrypted data
Developers using the Adobe AIR SDK should update to the latest version of the software development kit and rebuild the apps as soon as possible if they don’t want their …
Building a new open standard for cloud-based digital signatures
On July 1, 2016, a new European Union signature regulation (eIDAS) will go into effect, helping pave the way for global adoption of secure digital signatures. Aligned with …
Fix for actively exploited Flash Player 0day is out, patch ASAP!
Adobe has issued a patch for the Plash Player zero-day vulnerability (CVE-2016-4171) that is actively exploited by the ScarCruft APT group. The bug, discovered by Anton Ivanov …
Adobe patches Flash 0day exploited in attacks
The Adobe Flash Player update announced earlier this week is here, and it fixes more than just the zero-day flaw exploited in attacks in the wild. All in all, the latest …
Credential manager system used by Cisco, IBM, F5 has been breached
Pearson VUE, a provider of computer-based assessment testing for regulatory and certification boards, has announced that its Credential Manager system (PMC) has been …
Google helps Adobe improve Flash security
Adobe has been dealt a heavy blow after the Hacking Team data dump produced three Flash Player zero-day exploits and they begun being exploited in the wild.While Adobe was …
Old Adobe Flex SDK bug still threatens users of many high-profile sites
An old vulnerability affecting old releases of the Adobe Flex SDK compiler can be exploited to compromise user data of visitors to many popular sites, including three of most …
Adobe launches bug disclosure program, skimps on bounties
Adobe has launched its own web application vulnerability disclosure program. Set up through the bug bounty platform HackerOne, the program is limited to vulnerabilities …
Forbes.com compromised by Chinese cyber spies targeting US firms
Forbes.com – the 61st most popular website in the US according to Alexa – has been compromised to redirect certain visitors to websites delivering espionage …
Adobe urges users to implement critical out-of-band Flash Player update
For the second time in a month, Adobe has issued a security update for Flash Player. This out-of-band update finally fixes a critical vulnerability that could be misused by …