Technologies
tripwire.com
Fake Adobe update really *does* update Flash (while also installing cryptominer)
Online criminals are planting cryptomining code on victims’ Windows computers, using the camouflage of an update to Adobe Flash Player.
Read more in my article on the Tripwire State of Security blog.
Senator calls on US Government to start killing Flash now
For some companies eradicating Adobe Flash Player is going to be a significant job. And it may be an even bigger challenge for very large organisations, such as the US Government.
welivesecurity.com
Firms using WebEx at risk of poisoned Flash attacks
Companies should check they are running latest version of WebEx, and beware attacks via the road less travelled.
Read more in my article on the We Live Security blog.
welivesecurity.com
It’s time to patch your Microsoft and Adobe software again against vulnerabilities
It’s the second Tuesday of the month, and you know what that means… Yep, it’s time for another bundle of essential security updates from Microsoft.
Read more in my article on the We Live Security blog.
Two zero-day vulnerabilities disclosed after Foxit refuses to patch PDF Reader
Researchers have disclosed two zero-day vulnerabilities affecting Foxit’s PDF Reader after the vendor revealed it has no plans to fix the security flaws.
David Bisson reports.
bitdefender.com
At last! Firefox puts another nail in Flash’s coffin
There has been another welcome step along the road to Adobe Flash’s funeral, with the release this week of a new version of the Firefox browser.
Read more in my article on the Hot for Security blog.
Invisible Man malware lifts banking credentials by abusing Android accessibility services
A family of malware known as “Invisible Man” abuses Android OS accessibility services in order to steal users’ banking credentials.
David Bisson reports.
It’s a trap! Marcher banking trojan masquerades as Adobe Flash Player for Android
Never let a suspicious program coerce you into allowing Android app installations from unknown sources.
David Bisson reports.
welivesecurity.com
Adobe Flash Player users should update their software NOW
Critical security holes keep being found in Adobe Flash Player. Have you updated yours yet?
Read more in my article on the We Live Security blog.
Want to watch HSBC’s security awareness videos? You’d best have Flash installed…
If you don’t give your customers a different way to consume your content, they’re going to feel forced to (shudder…) install Adobe Flash.
Good news and bad news on the Microsoft patch front
Microsoft belatedly patches some vulnerabilities in Adobe Flash Player, but some zero-days in other software remain untouched for now.
tripwire.com
Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs
Adobe is no stranger to finding itself in the security headlines for all the wrong reasons, and it seems that things may not be changing as we enter 2017.
Read more in my article on the Tripwire State of Security blog.
Adobe Flash responsible for six of the top 10 bugs used by exploit kits in 2016
Of the top 10 vulnerabilities incorporated by exploit kits in 2016, six of them (rather unsurprisingly) affected Adobe Flash Player.
David Bisson reports.
Patch Flash NOW
Shock – horror!
There’s another critical security exploit in Adobe Flash, and it is being actively exploited in targeted attacks.
Update Flash now or… you know… kick it to the kerb.
A patchtastic day for Flash and Windows users – don’t delay!
Don’t drag your feet. If the likes of Adobe and Microsoft describe vulnerabilities as critical it’s important that you patch them at your earliest opportunity.
Porn sites are giving up on Adobe Flash – and who can blame them?
Pornhub says goodbye to Flash. Security-conscious users shout huzzah!