Browsing Author: Ryan Naraine

HD Moore: Critical Flaw in 40 Different Windows Apps

Categories: Malware, Vulnerabilities

[img_assist|nid=6261|title=|desc=|link=none|align=left|width=100|height=100]Metasploit’s HD Moore was in the midst of researching the recently patched LNK (Windows shortcut) vulnerability when he stumbled upon a serious problem that exposes more than 40 different Windows software programs to remote code execution attacks. 

Read more...

Verizon DBIR Challenge Clue #2

[img_assist|nid=6133|title=|desc=|link=none|align=right|width=90|height=90]This year’s Verizon Data Breach Investigations Report (DBIR) challenge is  well and truly underway.  I see where the (public) contestants are stumped so, here’s a clue to nudge them along:

Read more...

Apple Zaps JailbreakMe Bugs in Record Time

Categories: Malware, Vulnerabilities

[img_assist|nid=6134|title=|desc=|link=none|align=right|width=95|height=95]Less than two weeks after exploits for a pair of serious security vulnerabilities were fitted into an automated JailbreakMe.com exploit, Apple has rushed out a patch to block the jailbreaking of iPhone, iPad and iPod Touch devices.

Read more...

Verizon DBIR Cryptography Challenge: Here’s The First Clue

[img_assist|nid=6133|title=|desc=|link=none|align=left|width=90|height=90]So, according to a little birdie tweeting in the night, the 2010 Verizon Data Breach Investigations Report (DBIR) contains another encryption challenge that leads to actual cash prizes. 

Read more...

Adobe Plugs Critical Holes in Flash Player

Categories: Malware, Vulnerabilities

[img_assist|nid=6125|title=|desc=|link=none|align=right|width=100|height=100]Adobe’s ubiquitous Flash Player software is vulnerable to at least six critical security vulnerabilities that could allow hackers to launch remote code execution attacks, the company warned in an advisory.

Read more...

Apple Readies Patch for Jailbreakme.com Vulnerability

[img_assist|nid=6093|title=|desc=|link=none|align=left|width=82|height=82]USA Today’s Byron Acohido is reporting that Apple plans to rush out a patch for the drive-by download flaw that allows jailbreaking if an iPhone, iPad or iPod Touch device simply surfs to a web site.

Read more...

Adobe Plans Emergency PDF Reader Patch

Categories: Malware, Vulnerabilities

[img_assist|nid=6061|title=|desc=|link=none|align=left|width=100|height=100]On the heels of a Black Hat conference presentation where researcher Charlie Miller provided details of an exploitable vulnerability in Adobe’s PDF Reader software, the company plans to ship an out-of-band patch to ward off malicious hacker attacks.

Read more...

MS Patch Tuesday: Critical IE, Office Patches Coming

[img_assist|nid=6060|title=|desc=|link=none|align=right|width=90|height=90]Microsoft is planning a very busy Patch Tuesday this month: 14 bulletins with patches for 34 vulnerabilities in Windows, Microsoft Office, Internet Explorer, SQL and Silverlight.

Read more...