Clik here to view.
Mozilla Disables Insecure Java Plugin in Firefox
Mozilla is disabling older versions of the Java Deployment Toolkit plugin for Firefox users, in a bid to block attacks against a newly-discovered Java security hole that attackers have been exploiting...
View ArticleClik here to view.
Mozilla Plugin Check Now Does Windows (Sort of)
Mozilla‘s Plugin Check Web site, which inspects Firefox browsers for outdated and insecure plugins, now checks other browsers — including Apple‘s Safari, Google‘s Chrome, Opera, and (to a far lesser...
View ArticleClik here to view.
Security Updates for Firefox, Opera Browsers
Mozilla has shipped a new version of Firefox that corrects a number of vulnerabilities in the browser. Separately, a new version of Opera is available that fixes at least five security flaws in the...
View ArticleWhy Counting Flaws is Flawed
Once or twice each year, some security company trots out a “study” that counts the number of vulnerabilities that were found and fixed in widely used software products over a given period and then...
View ArticleAdobe, Microsoft, WordPress Issue Security Fixes
Talk about Patch Tuesday on steroids! Adobe, Microsoft and WordPress all issued security updates for their products yesterday. In addition, security vendor Tipping Point released advisories detailing...
View ArticleClik here to view.
Adobe Ships Security Patches, Auto-Update Feature
Adobe today issued more than a dozen security updates for its Acrobat and PDF Reader programs, including a feature update that will install future Reader security updates automatically. In addition,...
View ArticleClik here to view.
Comcast Hijacks Firefox Homepage: “We’ll Fix”
Comcast says it is revamping the software that new customers need to install to start service with the ISP. The software is unfriendly to Mac users running Firefox: It changes the browser’s homepage...
View ArticleClik here to view.
Adobe, Apple, Microsoft & Mozilla Issue Critical Patches
Adobe, Apple, Microsoft and Mozilla all released updates on Tuesday to fix critical security flaws in their products. Adobe issued a patch that corrects four vulnerabilities in Shockwave Player, while...
View ArticleClik here to view.
Bugs Money
Talk about geek chic. Facebook has started paying researchers who find and report security bugs by issuing them custom branded “White Hat” debit cards that can be reloaded with funds each time the...
View ArticleClik here to view.
How to Break Into Security, Grossman Edition
I recently began publishing a series of advice columns for people who are interested in learning more about security as a craft or profession. For the third installment in this series, I interviewed...
View ArticleClik here to view.
Yahoo! Pushing Java Version Released in 2008
At a time when Apple, Mozilla and other tech giants are taking steps to prevent users from browsing the Web with outdated versions of Java, Yahoo! is pushing many of its users in the other direction:...
View ArticleClik here to view.
How Many Zero-Days Hit You Today?
On any given day, nation-states and criminal hackers have access to an entire arsenal of zero-day vulnerabilities – undocumented and unpatched software flaws that can be used to silently slip past...
View ArticleClik here to view.
Bugzilla Zero-Day Exposes Zero-Day Bugs
A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about...
View ArticleClik here to view.
Patch Tuesday, 2016 U.S. Election Edition
Let’s get this out of the way up front: Having “2016 election” in the headline above is probably the only reason anyone might read this story today. It remains unclear whether Republicans and Democrats...
View ArticleClik here to view.
New Bill Seeks Basic IoT Security Standards
Lawmakers in the U.S. Senate today introduced a bill that would set baseline security standards for the government’s purchase and use of a broad range of Internet-connected devices, including...
View ArticleClik here to view.
Flash Player is Dead, Long Live Flash Player!
Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware...
View Article
