
ZDNet Must Read:

Mozilla Firefox hit by malware add-ons

Mozilla says a pair of malicious Firefox add-ons slipped by its security checks and infected approximately 4,600 Windows computers over the last five months....

Category: Locally Running Web Servers

February 9th, 2010

Adobe screw-up leaves Flash flaw unpatched for 16 months

Posted by Ryan Naraine @ 8:49 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Exploit code, Firefox, Flash, Locally Running Web Servers, Malware, Mozilla, Patch Watch, Responsible disclosure, Viruses and Worms

Tags: Adobe Systems Inc., Flaw, Macromedia Flash Player, Web Browsers, Security, Internet, Ryan Naraine

Adobe has acknowledged that an internal screw-up caused a serious, potentially dangerous Flash Player flaw to remain unpatched for more than 16 months after it was first reported by an external security researcher.

“It slipped through the cracks,” said Emmy Huang, a product manager for Flash Player. Adobe’s mea culpa follows the public release of proof-of-concept code demonstrating a Flash Player browser plug-in crash.


February 5th, 2010

Oracle rushes out patch for gaping server hole

Posted by Ryan Naraine @ 1:17 pm

Categories: Arbitrary Code Execution, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Open source, Oracle, Responsible disclosure, Vulnerability research

Tags: Oracle Corp., Vulnerability, Patches, Security, Firewalls, Networking, Ryan Naraine

Oracle has released an out-of-band patch to fix a gaping security hole in the Oracle WebLogic Node Manager and warned that an attacker could launch remote attacks over a network without the need for a username and password.

The patch follows the public release of exploit code as part of the recent Week of Web Server Bugs.


January 13th, 2010

Google (finally) enables default "https" access for GMail

Posted by Ryan Naraine @ 10:32 am

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Denial of Service (DoS), Exploit code, Google, Google Chrome, Locally Running Web Servers, Microsoft, People's Republic of China

Tags: Google Inc., Google Gmail, HTTP, E-mail Providers, Internet, Ryan Naraine

A day after confirming a major security breach by Chinese hackers looking for GMail account information, Google has turned on default “https:” access for its popular Web mail service.


January 13th, 2010

Adobe plugs PDF zero-day flaw in latest security makeover

Posted by Ryan Naraine @ 8:06 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Flash, Hackers, Locally Running Web Servers, Malware, Patch Watch, Reverse Engineering, Viruses and Worms, Zero-day attacks

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Vulnerability, Update, Adobe Acrobat Reader, Zero-day Bug, Enhanced Security, Security, Ryan Naraine

Adobe has released a mega-update for its Reader and Acrobat software products to fix a total of eight documented security vulnerabilities.

The update comes with significant security improvements, including the on-by-default addition of “Enhanced Security,” a feature that provides a set of default restrictions and a method to define trusted locations that should not be subject to those restrictions.

January 12th, 2010

Adobe confirms 'sophisticated, coordinated' breach

Posted by Ryan Naraine @ 5:17 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Google, Governments, Locally Running Web Servers, People's Republic of China, United States of America

Tags: Adobe Systems Inc., Security, Ryan Naraine

In an attack described as “sophisticated” and “coordinated,” Adobe said its corporate network systems were breached by hackers.

The company said the attack also affected other unnamed companies. Adobe did not provide any other details except to say it was aware of the breach on January 2, 2010.

December 21st, 2009

Adobe plugs gaping holes in Flash Media Server

Posted by Ryan Naraine @ 10:40 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Flash, Locally Running Web Servers, Patch Watch, Responsible disclosure, Vulnerability research, Web Applications

Tags: Adobe Systems Inc., Media Server, Vulnerability, Server, Security, Ryan Naraine

Adobe has released a critical patch to cover a pair of serious vulnerabilities affecting the Adobe Flash Media Server (FMS) 3.5.2 and earlier versions. The update is available for all platforms and addresses issues that allow an attacker to run malicious code on the affected system.

December 1st, 2009

Exploit published for FreeBSD local root vulnerability

Posted by Ryan Naraine @ 9:22 am

Categories: Arbitrary Code Execution, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Kernel-level Exploits, Locally Running Web Servers, Open source, Passwords, Patch Watch, Pen testing

Tags: FreeBSD, Vulnerability, FreeBSD Security Team, Patches, UNIX, Operating Systems, Open Source, Security, Software, Ryan Naraine

The FreeBSD security team has rushed out a temporary patch to cover a local root vulnerability that exposes users to code execution attacks. The patch follows the public release of exploit code on the Full-Disclosure mailing list.


November 10th, 2009

Adobe plugs security hole in Photoshop Elements

Posted by Ryan Naraine @ 4:15 pm

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Locally Running Web Servers, Patch Watch, Pen testing

Tags: Adobe Systems Inc., Adobe PhotoShop, Adobe PhotoShop Elements, Security, Patches, Ryan Naraine

Adobe has shipped a patch to cover a security vulnerability affecting its Photoshop Elements software product.

The flaw, rated moderate, affects Adobe Photoshop Elements versions 8.0 and 7.0. It could be exploited by a hacker with valid login credentials and/or physical access to execute arbitrary commands with elevated privileges.

October 27th, 2009

Malware ads served from Gizmodo

Posted by Ryan Naraine @ 10:04 am

Categories: Adobe, Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Facebook, Flash, Locally Running Web Servers, Malware, Passwords, Social Networking Applications, Spam and Phishing, Spyware and Adware

Tags: Advertisement, Blog, Malware, Gizmodo, Ryan Naraine

[ UPDATE: Dancho has more details on this attack ]

Popular gadget blog Gizmodo has acknowledged falling victim to an “elaborate scam” that served malicious ads for scareware (fake anti-virus) to its readers.

In an apology posted online, Gizmodo said its ad sales team was tricked into running malicious ads purporting to be from Suzuki.

October 27th, 2009

Facebook password-reset spam is Bredolab botnet attack

Posted by Ryan Naraine @ 8:27 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Data theft, Denial of Service (DoS), Facebook, Locally Running Web Servers, Malware, Microsoft, Passwords, Phishing, Social Networking Applications, Spam and Phishing, Spyware and Adware, Viruses and Worms

Tags: Facebook, Spam, Attack, Virus Hunter, Cyberthreats, E-mail, Identity Theft, Security, Viruses And Worms, Online Communications

Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware.

The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.

