Tag Archives: linux

‘Shellshock’ Bug Spells Trouble for Web Security

September 25, 2014

As if consumers weren’t already suffering from breach fatigue: Experts warn that attackers are exploiting a critical, newly-disclosed security vulnerability present countless networks and Web sites that rely on Unix and Linux operating systems. Experts say the flaw, dubbed “Shellshock,” is so intertwined with the modern Internet that it could prove challenging to fix, and in the short run is likely to put millions of networks and countless consumer records at risk of compromise.

Critical Flash Player Update Fixes 2 Zero-Days

February 7, 2013

Adobe today pushed out an emergency update that fixes at least two zero-day vulnerabilities in its ubiquitous Flash Player software that attackers are already exploiting to break into systems. Interestingly, Adobe warns that one of the exploits in use is designed to drop malware on both Windows and Mac OS X systems.

Security Fix for Critical Java Flaw Released

August 30, 2012

Oracle has issued an urgent update to close a dangerous security hole in its Java software that attackers have been using to deploy malicious software. The patch comes amid revelations that Oracle was notified in April about this vulnerability and a number other other potentially unpatched Java flaws.

Something Old is New Again: Mac RATs, CrimePacks, Sunspots & ZeuS Leaks

May 16, 2011

One of the biggest challenges in information security — and with security reporting in general — is separating what’s new and worth worrying about from seemingly new threats and developments that really are just old threats repackaged or stubborn facts that get rediscovered by a broader audience. This post represents my attempt to apply that sorting process to several security news headlines that readers have been forwarding my way in the past week, and to add a bit more information from my own reporting.

Test Your Browser’s Patch Status

March 30, 2011

With new security updates from vendors like Adobe, Apple and Java coming out on a near-monthly basis, keeping your Web browser patched against the latest threats can be an arduous, worrisome chore. But a new browser plug-in from security firm Qualys makes it quick and painless to find and patch outdated browser components.