blog trackingRealtime Web Statistics Flash Archives - Page 3 Of 4 - Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant - Part 3

Posts Tagged ‘Flash’

Password in flash cs3


This tutorial show you how to make a password for your game/movie in flash cs3 with actionscript 2.0

View full post on National Cyber Security

Google Chrome update fixes 12 vulnerabilities and patches Flash Player

Google released a new version of its Chrome browser in order to update the bundled Flash Player plug-in and address serious security vulnerabilities.

Google Chrome 17.0.963.56 fixes 12 security flaws, seven of which are considered high severity, four of medium severity and one of low severity.

Security researcher Jüri Aedla received a special $1,337 reward for discovering and reporting an integer overflow vulnerability in libpng, the library used by Chrome to process PNG images.

Other high-severity flaws were identified in the browser’s PDF codecs, its subframe loading, h.264 parsing and path rendering components, as well as its MKV, database, column and counter node handling code.

In theory these vulnerabilities should be considered critical because they could facilitate the remote execution of arbitrary code on the targeted systems.

However, because Google Chrome has a sandboxed architecture, exploiting these vulnerabilities alone would not provide attackers with the necessary level of access to run malicious code.

Six vulnerabilities patched in this release were discovered with the help of an open-source tool called AddressSanitizer, Google Chrome engineer Jason Kersey said in a blog post on February 15.

Chrome 17.0.963.56 also includes a new Flash Player version that Adobe released earlier this week, Kersey said. The Flash Player update addresses seven critical security flaws.

Google paid a total of $6,837 to security researchers who reported vulnerabilities patched in this release. The company recently expanded its Chromium Security Rewards Program to also cover vulnerabilities found in Chrome OS.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1cb7e4c7/l/0Lnews0Btechworld0N0Csecurity0C3338140A0Cgoogle0Echrome0Eupdate0Efixes0E120Evulnerabilities0Epatches0Eflash0Eplayer0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Adobe Patches Flash Player Security Flaws

The emergency update patches seven vulnerabilities.

View full post on eSecurityPlanet RSS Feed

View full post on National Cyber Security

Adobe issues support for Flash Player sandboxing in Firefox

Adobe has launched the pubic beta of a new Flash Player sandbox feature for Firefox users, making attacks more difficult for cybercriminals.

Add to digg
Add to StumbleUpon
Add to del.icio.us
Add to Google


View full post on SearchSecurity: Security Wire Daily News

View full post on National Cyber Security

Blurry Cellphone Shots Could Be Eliminated With This Flash Boosting Chip [Photography]

# photography STMicroelectronics hopes to make the wimpy LED flash on your smartphone as bright as the xenon flash in your camera with a new chip that packs a supercapacitor for quick bursts of power. More »

View full post on cellphone security — Yahoo! News Search Results

View full post on National Cyber Security

Flash Player SMS scam charges victims for free Adobe software

BitDefender has uncovered a creative scheme that charges people via SMS for what should be a free copy of Adobe Systems’ Flash player, which is apparently undergoing a test run on a Russian social network.

The scam was uncovered after one of security vendor BitDefender’s customers found a suspicious link to a Flash Player update on Vkontakte, a social networking service for Russian speakers, said Bogdan Botezatu, senior e-threat researcher for BitDefender.

If clicked, the link leads to the Flash Player application, but a drop-down menu then asks what country the user is located in as well as for their mobile phone number and operator. Adobe does not ask for any of that information during a normal installation.

If the person is located outside of Russia, the installer instructs the person to send a message to a short code in order to receive an “activation” code to use the program, Botezatu said. He said that people in the UK are charged £1.50 for the SMS.

Russian users are not charged, perhaps because the scam would be reported quickly to authorities, Botezatu said. The scammers have apparently signed up for SMS payment processing services for countries such as the UK. According to the drop-down menus, the scammers have arranged for SMS payments on networks including O2, Vodafone and Orange as well as ATT in the US.

The scam isn’t widespread yet, which Botezatu said may mean the scammers are conducting a trial run to see how well it works before hitting other social networking sites such as Facebook.

Offering downloads of Adobe products is a frequently used ruse to manipulate users. Often, malware will be substituted for a legitimate Adobe download, but this case appears to be just a money spinner.

“There is no other piece of malware bundled with the file,” he said. “They only try to squeeze the money through the premium SMS scheme.”

Botezatu said BitDefender notified O2 about the scam. The company has included screenshots on its blog.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1b161b00/l/0Lnews0Btechworld0N0Csecurity0C33260A350Cflash0Eplayer0Esms0Escam0Echarges0Evictims0Efor0Efree0Eadobe0Esoftware0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Amazon Black Friday Countdown Deal is 16GB Transcend Flash for $15.99

Amazon offers today as new deal of the day in the ongoing Black Friday Countdown to Amazon Deals Week sale a 16GB Transcend Class 10 SDHC Flash Memory Card. The SDHC Class 10 card sells for $15.99,…

View full post on cyber pirate — Yahoo! News Search Results

View full post on National Cyber Security

Gregory Evans | LinkedIn

Interview With Gregory Evans

Gregory Evans Security Expert

Gregory Evans on Cyber Crime

Surveillance Company Says It Sent Fake iTunes, Flash Updates, Documents Show

A company called Gamma International touts its ability to send a “fake iTunes update” that can infect computers with surveillance software, according to one of the company’s marketing videos.

View full post on hacking tools — Yahoo! News Search Results

View full post on National Cyber Security

11.40.6 Adobe Flash Player Multiple Vulnerabilities

CVEs: CVE: CVE-2011-2426,CVE-2011-2427,CVE-2011-2428,CVE-2011-2429,CVE-2011-2430,CVE-2011-2444

Platform: Cross Platform

View full post on @RISK: The Consensus Security Alert

View full post on National Cyber Security

Mac Trojan malware masquerades as flash player update


A new Trojan malware is targeting computers running Apple Inc.’s Mac OS X, masquerading as an update to Adobe’s Flash software and fooling users into installing it.

Mac security firm Intego said the malware, which it identified as OSX/flashback.A, exploits default settings on OS X’s built-in browser Safari to automatically download and install.

“Users visiting certain malicious websites may see a link or an icon to download and install Flash Player. Since Mac OS X Lion does not include Flash Player, some users may be fooled and think this is a real installation link. When they click the link, an installation package downloads, and, if the user is using Safari as their web browser, the Mac OS X Installer will launch,” it said in a blog post.

It noted the Safari browser considers installer packages, with .pkg or .mpkg extensions, to be “safe” files and will by default launch them after download.

Once launched, the installer will deactivate some network security software – specifically “Little Snitch” — but Intego said it has no effect on its “Intego VirusBarrier X6″ product.

The Trojan will then delete the installation package itself, and install a dyld (dynamic loader) library and auto-launch code, allowing it to inject code into applications the user launches.

“This code, installed in a file at ~/Library/Preferences/Preferences.dylib, connects to a remote server, and sends information about the infected Mac to this server: this includes the computer’s MAC address, a unique identifier. This will allow the malware to detect if a Mac is infected,” Intego said.

Intego advised Mac users not to download a Flash Player installer from any site other than adobe.com.

Mac OS X Lion does not include Flash Player, but users who wish to install this software should visit Adobe’s website: http://www.adobe.com/products/flashplayer/, it said.

Also, it advised Mac users who use Safari as their web browser, to uncheck Open “safe” files after downloading in the program’s General preferences.

This will prevent installer packages—whether real or malicious—from launching automatically, it said.

“Finally, if an installer claiming to be a Flash Player installer appears, users should be very careful to ensure that they did, indeed, download it from Adobe’s web site. If not, they should quit the installer,” it said.

Another security firm, Sophos, said its free anti-virus for Mac home users detects the Flashback malware as OSX/FlshPlyr-A.

Sophos also warned it is easy to imagine how cybercriminals could trick Mac users into infecting their computers with this malware.

“For instance, it would be child’s play to create a website which pretends to show something salacious … and then when you try to view it, you’re prompted to install an update to Adobe Flash. Of course, rather than the genuine Flash you would be installing the Trojan horse,” it said. — LBG, GMA News

Article source: http://www.gmanews.tv/story/233854/technology/mac-trojan-malware-masquerades-as-flash-player-update

View full post on National Cyber Security » Virus/Malware/Worms

Page 3 of 4«1234»

My Twitter

Gregory D. Evans On Facebook