Category Archives: Security

New Adobe Acrobat Zero-Day Reported

Researchers from the respected malware research firm FireEye today reported a zero-day flaw that is actively being exploited in the wild. They reportedly observed successful exploitation of the latest Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1. It is assumed that earlier versions are also vulnerable though this has not been confirmed. In the words of […]

Adobe issues two Flash zero-day patches

Today, a Security Bulletin (APSB13-04) has been posted to address security issues in Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and […]

Oracle releases emergency patches for Java

Oracle has released a sizable number of patches for Java to address 50 vulnerabilities affecting both the browser versions as well as the server. The “Critical Patch Update February 2013” (CPU) for Java had been scheduled for February 19th, but due to one of the vulnerabilities being exploited in the wild, the company brought the […]

UPnP to be the next mega-exploit?

The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions of vulnerable devices. The U.S. government’s Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as […]

“Terrific Employee” loses job over USB Memory Stick breach

The woman faulted for the latest breach of Utah Medicaid data, an account manager for Goold Data Systems, is no longer employed at Goold. “She was a terrific employee who made a mistake, a pharmacist who oversees the entire Utah account,” said Jim Clair, CEO of the Maine-based company, which manages pharmacy claims for several […]

Seriously… not another Java zero-day attack?

I’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers […]

Why did I get a virus?!

For crying out loud… How did this happen? You’re just surfing along, minding your own business and BAM – some bogus-looking thing pops up claiming you have 300 infected files and you need to pay $70 to get your computer cleaned. Or, like my elderly neighbor over the past weekend, you get a scary full-screen […]

Are you using Postini? It’s time to make other plans

Are you a Postini user? Postini is an email security platform that was gobbled up by Google a few years ago. Google Apps email users have enjoyed the spam and virus protection ever since, as have many clients who leveraged the Postini tools to cleanse their incoming email before it arrived on their own servers. […]

Oracle releases the awaited patch for Java

After announcing a fix was coming just yesterday, Oracle on Sunday released Java 7 Update 11 to address the recently disclosed security vulnerability. If you use Java, you should download the latest update now from the Java Control Panel or directly from Oracle’s website here: Java SE 7u11. Always visit the Programs and Features app […]

Concern over the zero-day Java exploit grows

Security experts worldwide are raising the alarm about the recently disclosed zero-day exploit affecting all versions of Java. The latest Java version, Java 7 Update 10 contains a critical security vulnerability which is reportedly already being used for large scale cyber attacks. Users who have Java installed on their computers should consider removing it unless […]