In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines for issuing an emergency “out of band” patch and some data on the impact of new security features, like Adobe Protected Mode.
Attackers have been leveraging the FlashPack Exploit Kit to peddle CryptoWall 2.0 ransomware on unsuspecting visitors to sites like Yahoo, The Atlantic and AOL.
There is a severe remote code execution vulnerability in a number of Cisco’s security appliances, a bug that was first disclosed nearly three years ago.
A week-old Adobe Flash Player vulnerability has already been integrated into the Angler and Fiesta exploit kits, researcher Kafeine discovered.