Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player.
The security community might understand what the Stuxnet worm did. Now the war is over what the worm means – Stuxnet’s legacy, if you will. The latest to weigh in on that question is Steve Croft, of the CBS news magazine 60 Minutes.
Former National Security Agency (NSA) Director Ret. General Michael Hayden called the sabotaging of Iran’s nuclear program with Stuxnet a “good idea” during an interview with ‘60 Minutes.’
SAN FRANCISCO – A panel of security and policy experts said that, despite dire warnings about the information warfare capabilities of China and other developing nations, the risk of an all-out cyber war is remote, and that the U.S. still holds many of the cards.
SAN FRANCISCO – Companies that are hoping to catch a ride on the mobile wave should pay close attention to the application development firms they choose to work with, unless they want to be saddled with a buggy and insecure albatross bearing their corporate logo, a leading application security expert warns.
A new attack against online banking customers uses a malware platform to trick its victims into verifying bogus transactions.The attack, first described by Trusteer CTO Amit Klein, waits for an unsuspecting business banking customer to log online before telling them that “security checks” need to be performed.
When Ralph Langner, an independent security researcher, presented his analysis of specialized code used by the Stuxnet worm to an audience of his peers at the S4 Conference in Miami last month, it was a chance to get down in the weeks with one of the world’s top experts on Stuxnet and threats to industrial control system.
A new version of the Flashback Trojan that targets Macs has appeared, and this one uses a drive-by download technique to attempt exploits of two Java vulnerabilities. The Flashback.G malware also tries to trick users into accepting a fake digital certificate, which will install the malware if the Java exploits fail.
Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a string of attacks against an Adobe Reader vulnerability from 2010.
The Web site of information leak site Cryptome was compromised earlier this month and infected with the Blackhole exploit kit, according to documents posted on the site.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
