Looks like Adobe, makers of products as Photoshop and Adobe Reader, has suffered a major compromise. Brian Krebs, of Krebs On Security and Alex Holden, CISO of Hold Security LLC, discovered the breach earlier this week by
In a joint research effort they have found a trove of files, including uncompiled source code for Adobe products on a server known to be used by cyber criminals.
You can read the complete post from Brian here.
He has confirmed that Adobe is presently investigating a network compromise, and despite believing no customer credit card information exited their networks, they will be notifying potentially affected customers to change passwords.
Software are complex, having so many layers and hands involved in its creation. The bigger it becomes the more likely it is to have bugs and some potentially ugly ones at that.
No matter how much money, people or fans you throw at a software project, bugs will always creep up. Developers just hope to shake out as many as possible before release.
Apple released iOS 7 with the launch of new iPhones came with the usual excitement and fanfare. iOS 7 comes with new security features and lots of updates.
Heralded for their security enhancements and features, Apple was quick to send out fixes for the reportedly 80 security holes patch in iOS 7, including passcode holes and kernel fixes.
With the news of features and fixes it’s easy for us to feel secure and let our guard down when using an iDevice.
Well, not so fast.
It appears Apple is having its share of new security bugs.
The past week has been pretty rough for Apple and its loyal fan base. The release of iOS 7 and two new phones (iPhone 5s and iPhone 5c) introduced many changes, and with the company under the microscope, it didn’t take very long for some major negative headlines to pop up.
Microsoft disclosed information on a new Internet Explorer zero-day vulnerability yesterday in a security advisory.
Dubbed CVE-2013-3893, the vulnerability exists in SetMouseCapture within mshtml.dll, part of Internet Explorer 6 through 11.
Fortunately, Microsoft released a “Fix it” workaround that will patch mshtml.dll and remove the vulnerability. Internet Explorer users should apply the Fix It immediately.
With all the talk about backdoor encryption, phishing attacks and privacy, I think it’s a good time to mention that today is Patch Tuesday! That means that Microsoft is releasing a lot of critical updates to their software today; updates that deal with some of the concerns of the day.
So be sure to update your system as soon as you can, though for those of you who might not know how simply head to:
There are a total of 14 updates today with four of them being of the critical nature, that is that the patches will prevent would-be attackers from using remote execution exploits on your operating system. Remote execution exploits allow an attacker to execute exploits give that full remote control of your system which could result in spying, credential stealing or malware being installed.