Google have released version 39.0.2171.71 of their Chrome web browser. New version contains an update for Adobe Flash and some other fixes.
More information about these in Google Chrome Releases blog.
Thursday, November 27, 2014
Wednesday, November 26, 2014
Adobe Flash Player Update Available
Adobe have released updated versions of their Flash Player. The new version adds extra hardening against the vulnerability CVE-2014-8439 (a vulnerability in the handling of a dereferenced memory pointer that could lead to code execution) which was mitigated in the October release.
Affected versions:
- Users of Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.239
- Users of Adobe Flash Player 11.2.202.418 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.424
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.239
- Users of Adobe Flash Player 11.2.202.418 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.424
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Sunday, November 23, 2014
WordPress 4.0.1 Released
There have been released new versions of WordPress (blogging tool and content management system) which contains updates to critical security vulnerabilities.
Affected versions:
3.9.2, 3.8.4, 3.7.4 and their earlier versions
More information can be read from the WordPress blog.
Affected versions:
3.9.2, 3.8.4, 3.7.4 and their earlier versions
More information can be read from the WordPress blog.
Wednesday, November 19, 2014
Google Chrome Updated
Google have released version 39.0.2171.65 of their Chrome web browser. New version contains fixes to 42 security issues.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Symantec Intelligence Report: October 2014
Symantec have published their Intelligence report that sums up the latest threat trends for October 2014.
Report highlights:
- Of the industries attacked through spear phishing, the category of Finance, Insurance, and Real Estate received 28 percent of all attempts in the month of October.
- The largest data breach in October had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households.
- OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks.
- Crypto-style ransomware made up 55 percent of all ransomware seen in the month of October.
The report (in PDF format) can be viewed here.
Report highlights:
- Of the industries attacked through spear phishing, the category of Finance, Insurance, and Real Estate received 28 percent of all attempts in the month of October.
- The largest data breach in October had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households.
- OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks.
- Crypto-style ransomware made up 55 percent of all ransomware seen in the month of October.
The report (in PDF format) can be viewed here.
Monday, November 17, 2014
Microsoft Security Intelligence Report Volume 17 Released
Microsoft have released volume 17 of their Security Intelligence Report (SIR)). The Security Intelligence Report (SIR) is an investigation of the current threat landscape. The report can be downloaded here.
Wednesday, November 12, 2014
Google Chrome Updated
Google have released version 38.0.2125.122 of their Chrome web browser. Among other fixes (log) the new version contains an update for Adobe Flash.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 15.0.0.189 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.223
- Users of Adobe Flash Player 11.2.202.411 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.418
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.302 SDK and earlier versions should update to the Adobe AIR 15.0.0.356 SDK.
- Users of the Adobe AIR 15.0.0.302 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.356 SDK & Compiler.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Android should update to Adobe AIR 15.0.0.356.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.356.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.189 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.223
- Users of Adobe Flash Player 11.2.202.411 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.418
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.302 SDK and earlier versions should update to the Adobe AIR 15.0.0.356 SDK.
- Users of the Adobe AIR 15.0.0.302 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.356 SDK & Compiler.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Android should update to Adobe AIR 15.0.0.356.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.356.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For November 2014
Microsoft have released security updates for November 2014. This month update contains fourteen security bulletins of which four categorized as critical, eight as important and two as moderate.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, November 10, 2014
Google Study About Manual Hijacking
Account hijacking is a thing that happens a lot. There are different types of hijacking of which one of the most common is mass hijacking. In this case, an automated process uses compromised systems to send out spam messages, malware and phishing campaigns to get even more accounts hijacked. This kind of attacks are usually targeting political institutions, universities, governments and corporations.
Another type of hijacking is so called manual hijacking. This type of attacks are targeting normal users and are done by individuals instead of automated botnets.
Google have published a study they made about manual hijacking. This study can be viewed here (as a pdf document)
Another type of hijacking is so called manual hijacking. This type of attacks are targeting normal users and are done by individuals instead of automated botnets.
Google have published a study they made about manual hijacking. This study can be viewed here (as a pdf document)
Friday, November 7, 2014
Also 53 Million Email Addresses Taken In Home Depot Data Breach
Some time ago Home Depot was in headlines with a data breach where 56 million credit card account details were compromised. During the investigation of that data breach Home Depot found out that the payment data was not the only thing stolen but that 53 million email addresses were taken too.
More information in Home Depot press release.
More information in Home Depot press release.
Subscribe to:
Posts (Atom)
