Adobe Patches Memory Corruption Flaw in Shockwave
Adobe updated its Shockwave Player, patching a critical memory corruption vulnerability in the software.
Web Security
Yahoo Hires Bob Lord as its CISO
Yahoo has hired former Twitter and Rapid7 security executive Bob Lord as its new CISO, taking over for Alex Stamos, who this summer left Yahoo for Facebook.
Arrest Made in TalkTalk Hack
TalkTalk CEO Dido Harding said someone purporting to be the hackers who attacked the U.K. telecom demanded a ransom to keep them from publishing the stolen data.
The NSA is moving away from Elliptic Curve Cryptography, and cryptographers aren’t buying their reasoning that advances in post quantum computing put ECC in jeopardy.
Mike Mimoso and Chris Brook discuss the news of the week: How Facebook will begin warning users of nation-state attacks, all the Apple and Oracle patches, and the latest attacks against the Network Time Protocol (NTP).
Joomla released a new version of its CMS Thursday, 3,4,5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running the platform.
Researchers at Boston University have published new attacks against the Network Time Protocol (NTP) that jeopardize the security of numerous online activities.
Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes.
Oracle patched 154 vulnerabilities in 54 different products as part of its regularly scheduled Critical Patch Update Tuesday.
Let’s Encrypt hit a milestone last night when it received the cross-signatures necessary to render its beta-and free-certificates trusted by all browsers.
