Tag Archive for: IMPROVED

Latest Flash Player version has improved exploit defenses

/in

The Flash Player update released Tuesday not only fixed two vulnerabilities that were being targeted by attackers, but added additional protections that will make entire classes of security flaws much harder to exploit in the future.

There were three low-level defenses added in Flash Player 18.0.0.209, two of which block a technique that has been used by many Flash exploits since 2013.

The technique involves corrupting the length of an ActionScript Vector buffer object so that malicious code can be placed at predictable locations in memory and executed. ActionScript is the programming language in which Flash applications are written.

This method was used by at least two of the Flash Player exploits found among the files leaked from Italian surveillance software maker Hacking Team, as well as in two other flash zero-day exploits used by cyberespionage groups this year, researchers from Google said in a blog post Thursday.

To read this article in full or to leave a comment, please click here

Network World Security

Android Security Improved in 2014, yet Risks Remain – eWeek

/in

eWeek

Android Security Improved in 2014, yet Risks Remain
eWeek
As the popularity of Google's Android mobile operating system has grown over the years, so too have the security threats against it—that is, until 2014, according to Google's Android Security State of the Union 2014 report. Although Google has made …
Google cuts potentially harmful Android app installs in half, according to reportSDTimes.com
Google releases Android Security State of Union for 2014, founds malware Customs Today Newspaper
Google lifts the lid on Android malware with new reportITProPortal
Jagran Post –ZDNet
all 92 news articles »

“android security” – read more

Doing more with less: Steering a quantum path to improved internet security – Phys.Org

/in

Doing more with less: Steering a quantum path to improved internet security
Phys.Org
Doing more with less: Steering a quantum path to improved internet security. 1 hour ago. internet. Credit: Wikipedia. Research conducted at Griffith University in Queensland, Australia, may lead to greatly improved security of information transfer over

and more »

“internet security” – read more

Improved patch tackles new Shellshock attack vectors

/in

System administrators who spent last week making sure their computers are patched against Shellshock, a critical vulnerability in the Bash Unix command-line interpreter, will have to install a new patch that addresses additional attack vectors.

The Shellshock vulnerability was originally discovered by Akamai Technologies security researcher Stephane Chazelas and can be exploited in several ways to remotely execute code on systems like Linux and Mac OS X that use Bash as their default shell.

The fact that the bug has existed in Bash for many years and that Linux is used on a wide variety of devices from servers to industrial equipment and embedded electronics, means that the flaw’s impact is potentially very large.

To read this article in full or to leave a comment, please click here

Network World Security