Ryan Naraine

‘Blitzableiter’ Protects Against Flash Player Exploits

A German security researcher has released an open-source tool that analyses and cleans up Flash code before playback to prevent security holes in Adobe Flash Player from being exploited. The tool, called “Blitzableiter” (lightning rod), is the brainchild of Felix “FX” Lindner, a well-known hacker who presented it at the 26th Chaos Communication Congress (26C3).

Apple Malware Blocker Left For Dead?

Nearly six months after Apple added a malware blocker to Mac OS X (Snow Leopard), the feature appears to be collecting cobwebs. Apple has not added any anti-malware signature updates to the XProtect.plist file that launched with antidotes for OSX.RSPlug.A and OSX.Iservice, two known Trojan horse programs targeting Mac OS X users.


Despite the fact that the majority of malware exploits use JavaScript to trigger an attack in Adobe’s PDF Reader product, the company says it’s impossible to completely remove JavaScript support without causing major compatibility problems. In a Q&A (listen to podcast) with Threatpost editors Dennis Fisher and Ryan Naraine, Adobe security chief Brad Arkin says the removal of JavaScript support is a non-starter because it’s an integral part of how users do form submissions.

Adobe has released a critical patch to cover a pair of serious vulnerabilities affecting the Adobe Flash Media Server (FMS) 3.5.2 and earlier versions. The update is available for all platforms and addresses issues that allow an attacker to run malicious code on the affected system.

Cisco today released a security update with patches for a half-dozen serious security flaws in its WebEx Recording Format (WRF) Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution, the company warned. Read the full advisory [cisco.com]

Here’s a quick update to the Adobe PDF Reader/Acrobat zero-day story that broke yesterday after the company confirmed that an unpatched vulnerability was being attacked in the wild. First up, an exploit has been fitted into the Metasploit point-and-click penetration testing tool and there are predictions that exploit code will be widely available within a day or two.

Security researchers have intercepted a new variant of the Zeus crimeware using Amazon’s EC2 services to command and control the botnet. The cybercriminals appear to be using Amazon’s RDS managed database hosting service as a backend alternative in case they lose access to the original domain, which would result in the complete loss of access to the compromised financial data obtained from the infected hosts.  Read the full story [ZDNet]

Adobe has shipped a critical Flash Player update to fix at least seven documented security vulnerabilities that expose nearly every computer user to dangerous hacker attacks. The Flash Player 10.0.42.34 update is available for all platforms (Windows, Linux and Mac OS X). Here are the raw details: