Monday, March 23, 2015

Mozilla Product Updates Released

Mozilla have released updates to Firefox and Seamonkey browsers to address a couple of vulnerabilities of which both categorized as critical.

Affected products are:
- Mozilla Firefox earlier than 36.0.4
- Mozilla Firefox ESR earlier than 31.5.2
- SeaMonkey 2.33.1

Links to the security advisories with details about addressed security issues:
MFSA 2015-29 Code execution through incorrect JavaScript bounds checking elimination
MFSA 2015-28 Privilege escalation through SVG navigation

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
SeaMonkey

Google Chrome Updated

Google have released version 41.0.2272.101 of their Chrome web browser.

More information in Google Chrome Releases blog.

Monday, March 16, 2015

Adobe Flash Player Update Available

Adobe have released updated version of their Flash Player. The new version fixes critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Affected versions:

- Users of Adobe Flash Player 16.0.0.305 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 17.0.0.134

- Users of Adobe Flash Player 11.2.202.442 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.451

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update


More information can be read from Adobe's security bulletin.

Wednesday, March 11, 2015

Symantec Intelligence Report: February 2015

Symantec have published their Intelligence report that sums up the latest threat trends for February 2015.

Report highlights:
- The largest data breach reported during February took place in January, and resulted in the exposure of 80 million identities.
- The average number of spear-phishing attacks rose to 65 per day in February, up from 42 in January.
- There were 400 vulnerabilities and one zero-day vulnerability disclosed during February.


The report (in PDF format) can be viewed here.

Microsoft Security Updates For March 2015

Microsoft have released security updates for March 2015. This month update contains 14 security bulletins of which five categorized as critical and nine as important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Tuesday, March 10, 2015

ESET Global Threat Report for February 2015

ESET have published a report discussing global threats of February 2015.

TOP 10 threats list (previous ranking listed too):

1. Win32/Adware.MultiPlug (3.)
2. HTML/Refresh (1.)
3. WIN32/Bundpil (2.)
4. JS/Kryptik.I (8.)
5. Win32/TrojanDownloader.Waski (-)
6. HTML/ScrInject (4.)
7. Win32/Sality (5.)
8. LNK/Agent.AV (6.)
9. Win32/Ramnit (7.)
10. INF/Autorun (9.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Thursday, March 5, 2015

Google Chrome Updated

Google have released version 41.0.2272.76 of their Chrome web browser. Among other changes the new version contains fixes to 51 security issues.

More information about these in Google Chrome Releases blog.

Monday, March 2, 2015

ESET Global Threat Report for January 2015

ESET have published a report discussing global threats of January 2015.

TOP 10 threats list (previous ranking listed too):

1. HTML/Refresh (1.)
2. WIN32/Bundpil (2.)
3. Win32/Adware.MultiPlug (3.)
4. HTML/ScrInject (-)
5. Win32/Sality (5.)
6. LNK/Agent.AV (8.)
7. Win32/Ramnit (10.)
8. JS/Kryptik.I (-)
9. INF/Autorun (7.)
10. LNK/Agent.AK (6.)





Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).