HackDig : Dig high-quality web security articles for hacker

BlackOasis APT and new targeted attacks leveraging zero-day exploit

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require
Publish At:2017-10-21 15:05 | Read:290 | Comments:0 | Tags:Featured Research Adobe APT Microsoft Word Vulnerabilities a

Adobe, Microsoft Plug Critical Security Holes

Adobe and Microsoft both on Tuesday released patches to plug critical security vulnerabilities in their products. Microsoft’s patch bundles fix close to 80 separate security problems in various versions of its Windows operating system and related software — including two vulnerabilities that already are being exploited in active attacks. Adobe
Publish At:2017-09-30 15:56 | Read:326 | Comments:0 | Tags:Other adobe adobe flash player Ivanti microsoft Patch Tuesda

Adobe accidentally leaked online its Private PGP Key

The Adobe product security incident response team (PSIRT) accidentally published a private PGP key on its blog, once discovered the issue it quickly revoked it. On Friday, the Adobe PSIRT updated its Pretty Good Privacy (PGP) key and published the new public key on the blog post. The new key should have been valid until September 2018, but something strange
Publish At:2017-09-25 16:35 | Read:190 | Comments:0 | Tags:Breaking News Digital ID Hacking Adobe data leak PGP PGP key

Flash Player is Dead, Long Live Flash Player!

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out th
Publish At:2017-08-02 22:00 | Read:501 | Comments:0 | Tags:Other adobe apple Benjamin Smedberg exploit kits Facebook Fl

Do you use Adobe Flash Player? You should update it now!

Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by att
Publish At:2017-07-14 00:15 | Read:675 | Comments:0 | Tags:Breaking News Hacking Adobe Connect Flash Player RCE XSS

Going Through a Rough Patch in Your Security Program? Consistent Software Patching Can Solve Security Woes

Security is an imperfect art. It’s also an imperfect science. Whether it involves experimenting with certain tweaks or implementing proven standards and prescriptive advice, figuring out how to manage a security program is as complex as navigating any other business function. According to the Pareto Principle, security professionals should focus on the
Publish At:2017-07-03 23:50 | Read:541 | Comments:0 | Tags:Endpoint Network Risk Management Adobe Patch Patch Managemen

Adobe patches tens of vulnerabilities in Flash Player, Shockwave Player, Captivate and Digital Editions

On Tuesday, Adobe released updates for Flash Player, Shockwave Player, Captivate and Digital Editions addressing a total of 20 vulnerabilities. Some vulnerabilities fixed by Adobe are critical remote code execution issue, the last release, version 26.0.0.126, addressed nine flaws in Flash Player. The vulnerabilities were tracked as CVE-2017-3075, CVE-2017-30
Publish At:2017-06-14 02:05 | Read:651 | Comments:0 | Tags:Breaking News Hacking Adobe Flash Player

VERT Threat Alert: March 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultMS17-006MS17-007MS17-008MS17-013MS17-014MS17-017MS17-018 MS17-012No Known Exploi
Publish At:2017-03-15 23:31 | Read:993 | Comments:0 | Tags:Featured Articles Vulnerability Management Adobe microsoft P

Security updates fix critical vulnerabilities in Flash player and Shockwave player

Adobe patches vulnerabilities in Flash Player and Shockwave for Windows, Mac, Linux and Chrome OS. Adobe issued security updates for Flash Player and Shockwave Player products. The security updates released by the company on Tuesday address seven vulnerabilities in Flash Player and one flaw in Shockwave Player. The Flash Player 25.0.0.127 version fixes criti
Publish At:2017-03-15 06:55 | Read:816 | Comments:0 | Tags:Breaking News Security Adobe buffer overflow Flash Player pr

February Updates from Adobe, Microsoft

A handful of readers have inquired as to the whereabouts of Microsoft‘s usual monthly patches for Windows and related software. Microsoft opted to delay releasing any updates until next month, even though there is a zero-day vulnerability in Windows going around. However, Adobe did push out updates this week as per usual to fix critical issues in its F
Publish At:2017-02-20 04:10 | Read:683 | Comments:0 | Tags:Other adobe Flash Player microsoft Patch Tuesday February 20

Adobe just fixed thirteen code execution flaws in Flash Player

Adobe addressed thirteen highest severity code execution vulnerabilities in Flash Player for Windows, MAC OS, and Chrome. Adobe released security updates that address two dozen vulnerabilities in Flash Player, Digital Editions, and the Campaigns marketing tool. Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrom
Publish At:2017-02-15 05:05 | Read:1102 | Comments:0 | Tags:Breaking News Hacking Adobe Flash Player

Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs

Adobe is no stranger to finding itself in the security headlines for all the wrong reasons, and it seems that things may not be changing as we enter 2017.There was controversy earlier this month when news broke about how Adobe took the opportunity on Patch Tuesday of using its regular security updates to force Adobe Acrobat DC users into silently installing
Publish At:2017-01-20 00:35 | Read:718 | Comments:0 | Tags:Featured Articles Adobe Adobe Acrobat vulnerability

VERT Threat Alert: January 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses 4 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-706 on Wednesday, January 11th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasy MS17-001ModerateDifficultExtremely Difficult MS17-004No Known Exploit  MS17-002 M
Publish At:2017-01-10 17:20 | Read:1159 | Comments:0 | Tags:Featured Articles Vulnerability Management Adobe microsoft P

Adobe patches multiple flaws including a Flash Zero-Day exploited in the wild

Adobe issued security patches that address multiple flaws in 9 products, including fixes for zero-day vulnerabilities that has been exploited in the wild. Adobe has issued security updates to fix vulnerabilities in nine products, including patches for zero-day flaws that has been exploited in targeted attacks. The version 24.0.0.186 of Flash Player addresses
Publish At:2016-12-13 19:45 | Read:1617 | Comments:0 | Tags:Breaking News Hacking Adobe Adobe Flash CVE-2016-7892 securi

Adobe Flash Player flaws remain the most used by Exploit Kits

Experts from the firm Recorded Future published a report on the most common vulnerabilities used by threat actors in the exploit kits. Recorded Future published an interesting report on the most common vulnerabilities used by threat actors in the exploit kits. The experts observed that Adobe Flash Player and Microsoft products (Internet Explorer, Silverlight
Publish At:2016-12-06 21:20 | Read:1401 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Reports Adobe CVE-2016-018

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud