Monthly Archives: May 2014

The Mad, Mad Dash to Update Flash

May 15, 2014

An analysis of how quickly different browser users patch Adobe Flash vulnerabilities shows a dramatic variation among browser makers. The data suggest that Google Chrome and Mozilla Firefox users tend to get Flash updates relatively quickly, while many users on Microsoft’s Internet Explorer browser consistently lag behind.

Adobe, Microsoft Issue Critical Security Fixes

May 13, 2014

Adobe and Microsoft today each released software updates to plug dangerous security holes in their products. Adobe pushed patches to fix holes in Adobe Acrobat/Reader as well as Flash Player. Microsoft issued eight update bundles to nix at least 13 security vulnerabilities in Windows and software that runs on top of the operating system.

Teen Arrested for 30+ Swattings, Bomb Threats

May 12, 2014

A 16-year-old male from Ottawa, Canada has been arrested for allegedly making at least 30 fraudulent calls to emergency services across North America over the past few months. The false alarms — two of which targeted this reporter — involved calling in phony bomb threats and multiple attempts at “swatting” — a hoax in which the perpetrator spoofs a call about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.

Antivirus is Dead: Long Live Antivirus!

May 7, 2014

An article in The Wall Street Journal this week quoted executives from antivirus pioneer Symantec uttering words that would have been industry heresy a few years ago, declaring antivirus software “dead” and stating that the company is focusing on developing technologies that attack online threats from a different angle. This hardly comes as news for anyone in the security industry who’s been paying attention over the past few years, but I’m writing about it because this is a great example of how the cybercrime underground responds to — and in some cases surpasses — innovations put in place by the good guys.

Microsoft Issues Fix for IE Zero-Day, Includes XP Users

May 1, 2014

Microsoft said that later today it will issue an emergency security update to fix a zer0-day vulnerability that is present in all versions of its Internet Explorer Web browser and that is actively being exploited. In an unexpected twist, the company says Windows XP users also will get the update, even though Microsoft officially ceased supporting XP last month.