« »

Cyber Security News – December 7, 2011

  • Facebook Security Flaw Exposed Users, Zuckerberg’s Private Photos
    Ironically, the very tool that was intended to help users police inappropriate and offensive content on Facebook was exploited to access images that users had marked private. – Some Facebook users gleefully exploited a security flaw in Facebook’s mechanism for reporting inappropriate or offensive images posted on the social networking site to access and publish Facebook CEO Mark Zuckerberg’s private photos. Facebook moved quickly to close the hole.

    On Nov. 27, an anonym…


  • Mandiant Webinar Wednesday; Help Us Break a Record!
    I’m back for the last Mandiant Webinar of the year, titled State of the Hack: It’s The End of The Year As We Know It – 2011. And you know what? We feel fine! That’s right, join Kris Harms and me Wednesday at 2 pm eastern as we discuss our reactions to noteworthy security stories from 2011.

    Register now and help Kris and me beat the attendee count from last month’s record-setting Webinar.

    If you have questions about and during the Webinar, you can always send them via Twitter to @mandiant and use the hashtag m_soh.

    Tweet

    Copyright 2003-2011 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
  • Adobe Warns of Critical Zero Day Vulnerability


    wiredmikey writes “Adobe issued an advisory today on a zero-day vulnerability (CVE-2011-2462) that has come under attack in the wild. According to Adobe, the issue is a U3D memory corruption vulnerability that can be exploited to cause a crash and permit an attacker to hijack a system. So far, there are reports the vulnerability is being exploited in limited, targeted attacks against Adobe Reader 9.x on Windows. However, the bug also affects Adobe Reader and Acrobat 9.4.6 and earlier 9.x versions for UNIX and Macintosh computers, as well as Adobe Reader X (10.1.1) and Acrobat X (10.1.1) and earlier 10.x versions on Windows and Mac. Patches for Windows and Mac users of Adobe Reader X and Acrobat X will come on the next quarterly update, scheduled for Jan. 10, 2012.”

    Read more of this story at Slashdot.

Digest powered by RSS Digest

This entry was written by erwin@itdefensesolutions.com , posted on Wednesday December 07 2011at 08:12 am , filed under Security News . Bookmark the permalink . Post a comment below or leave a trackback: Trackback URL.

Comments are closed.

« »