Tag Archives: Mac

Lessons learned from the Target PCI Breach

More information has been trickling out regarding the massive Target PCI breach that took place during the 2013 Christmas shopping season. Forensic researchers first learned that hackers penetrated Target’s network by means of a business transaction portal. It appears that Fazio Mechanical Services was the source. Fazio is a Pittsburgh-area nationwide mechanical contractor that services […]

WordPress now offers automatic updates

There is welcome news for web developers this week as WordPress now offers automatic updates to the uber-popular web development platform. Starting out as a blogging tool, WordPress has morphed into a full website development ecosystem. Like many, this author has embraced WordPress due to its simplicity, flexibility, and easy search engine optimization. The importance […]

Oracle closes critical Java vulnerability

Oracle announced today the release of updates for Java versions 5, 6, and 7 to patch a critical java vulnerability actively being exploiting in the wild. The patches were reportedly slated for release in April but the timetable was pushed up in response to a recent report demonstrating the active exploit. This further prolongs the […]

Anti-virus software alone is not enough

“Anti-virus software alone is not enough”… so says the number one antivirus provider Symantec in this post. A rather stunning admission I would say, and something many in the security industry have known for quite some time. The admission comes on the heels of the successful infiltration of the New York Times by Chinese hackers […]

Apple blocks vulnerable Flash plugins

Kudos to Apple. Last week they decided to start blocking vulnerable versions of Adobe Flash plugins from running in the built-in Safari web browser. This is in direct response to the active exploits in the wild affecting Macs as well as PCs. Users who fail to update when prompted are now receiving an error message […]

Yet Another Java Zero-Day

Researchers at the respected security firm FireEye have discovered yet another Java zero-day attack that leverages previously unknown vulnerabilities with the latest versions of Java (as of this writing Java v1.6 Update 41 and Java v1.7 Update 15) to install malware. This comes on the heels of a discovery of two other holes (as yet […]

Apple also a victim of targeted malware attack

Apple revealed today that they were targeted by the same malware attack leveled against Facebook on February 1st. The earlier comments by Facebook hinted at a working group of high-value targets and Apple now appears to be among them. The attack took advantage of a previously unknown Java zero-day exploit to infect the engineers’ computers […]

Adobe has scheduled an update for last week’s Acrobat zero-day

Adobe announced in a blog post that they will issue updates for version XI, X, and 9 to close the zero-day hole revealed last week. The patch will be released for Windows, Linux, and Macintosh operating systems. All users are advised to install the patch as soon as it becomes available. Thom Infotech encourages Adobe […]

Adobe issues two Flash zero-day patches

Today, a Security Bulletin (APSB13-04) has been posted to address security issues in Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and […]