blog trackingRealtime Web Statistics Silent Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘Silent’

Snowden talks at meeting with German MP Ströbele [Silent Video]


This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

________________________

http://gregorydevans.com – http://gregorydevans.wordpress.com – http://hackerforhire.com – http://hackerforhireusa.com

German MP Ströbele discusses with Snowden investigation into NSA spying [Silent Video]


This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

________________________

http://gregorydevans.com – http://gregorydevans.wordpress.com – http://hackerforhire.com – http://hackerforhireusa.com

Depression : The silent enemy


Depression : The silent enemy By Sheikh Sulaiman Moola Click here to download the audio of this clip: http://www.4shared.com/mp3/QsKQI07v/Depression_-The_sil…

________________________

http://gregorydevans.com – http://gregorydevans.wordpress.com – http://hackerforhire.com – http://hackerforhireusa.com

Silent Bodyguard on TV News 10

Silent Bodyguard on TV News 10. Read More….

View full post on Hip Hop Security

Adobe preps silent Flash updates for Macs

Adobe last week released a new beta of Flash Player that includes silent updates for Macs
View full post on Computerworld Security News

View full post on National Cyber Security » Announcements

Al-Qaeda sites go silent in possible cyber attack

Al-Qaeda's main Internet sites have gone silent for more than a week in an unprecedented blackout that is most likely the result of a cyber attack, analysts said Tuesday.

View full post on cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Flash Player 11.2 fixes critical vulnerabilities and adds silent updates

Adobe have released Flash Player 11.2, addressing two critical arbitrary code execution vulnerabilities and introducing a silent update option.

One of the patched vulnerabilities stems from how older versions of Flash Player checks URL security domains, and only affects the Flash Player ActiveX plug-in for Internet Explorer on Windows 7 or Vista.

Both vulnerabilities can trigger memory corruptions and can be exploited to execute arbitrary code remotely. However, Adobe is not aware of any exploits for these flaws being used in online attacks at this time, said Wiebke Lips, Adobe’s senior manager of corporate communications.

Users of Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris are advised to update to the new Adobe Flash Player 11.2 for their respective platforms. Users of Adobe Flash Player 11.1.111.7 for Android are advised to update to Flash Player 11.1.111.8.

Flash Player 11.2 also introduces a new updating mechanism that can be configured to check for and deploy updates in the background automatically, without requiring user interaction. The feature has been in Adobe’s plans for a long time and is expected to decrease the number of outdated Flash Player installations that attackers can target.

“The new background updater will provide a better experience for our customers, and it will allow us to more rapidly respond to zero-day attacks,” said Peleus Uhley, platform security strategist at Adobe. “This model for updating users is similar to the Google Chrome update experience, and Google has had great success with this approach. We are hoping to have similar success.”

The move was welcomed by Thomas Kristensen, chief security officer at Secunia, which develops the popular Personal Software Inspector (PSI) patch management program.

“A silent and automatic updating mechanism for Flash would help the majority of users. A more consistent and rapid updating of the user base is likely to impact the attackers’ preferences for Flash,” he said.

Of course, this will only happen after the vast majority of users upgrade to Flash Player 11.2 or a later version using the old method that requires explicit approval.

When Adobe Flash Player 11.2 is installed, users are asked to choose an update method. The available choices are: install updates automatically when available (recommended), notify me when updates are available, and never check for updates (not recommended).

The silent updater will try to contact Adobe’s update server every hour until it succeeds. If it receives a valid response from the server that no update is available, it will wait 24 hours before checking again.

For now, the automatic update option is only available for Flash Player on Windows, but Adobe is working on implementing it for Mac versions as well, Uhley said.

However, even if the automatic update option is enabled, Adobe will decide on a case-by-case basis which updates will be deployed silently and which won’t. Those that change the Flash Player default settings will require user interaction.

The new updater will update all Flash Player browser plug-ins installed on the system at the same time. “This will solve the problem of end-users having to update Flash Player for Internet Explorer separately from Flash Player for their other open source browsers,” Uhley said.

In addition to keeping the Flash Player install base up to date more easily and reducing the time required to effectively respond to zero-day attacks – attacks that exploit previously unknown vulnerabilities – the new silent updater could also reduce the number of scams that distribute malware as Flash Player updates.

“The pretext of a Flash Player update has been intensively used by cyber-crooks to lure users into downloading malicious content,” said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDefender. “By eliminating the update wizard, users will likely get more difficult to con on the pretext of a legitimate update required by an application they trust.”

Unfortunately, this silent update model can’t be applied to all applications, Botezatu said. He gave the example of Internet Explorer 6, which Microsoft is trying to phase out, but that companies still widely use because their business applications are dependent on it and don’t work on newer versions.

Adobe is doing its part to convince users to move away from Internet Explorer 6 by dropping support for the browser from upcoming Flash Player versions. “We will no longer include testing on Internet Explorer 6 in our certification process and strongly encourage users to upgrade to the newest version of Internet Explorer,” Uhley said.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1de731e0/l/0Lnews0Btechworld0N0Csecurity0C33478370Cflash0Eplayer0E1120Efixes0Ecritical0Evulnerabilities0Eadds0Esilent0Eupdates0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Mozilla will start Firefox silent updates in June

Computerworld -

Mozilla yesterday reiterated that it’s still working on silent updates for Firefox, and said it should have the Chrome-like service in place by early June.

In a sweeping summary of 2011′s accomplishments and an outline of plans for 2012, Robert Nyman, a Mozilla technical evangelist, listed silent updates as one the projects the company will finish this year. “Updates will now be downloaded and installed silently in the background,” wrote Nyman in a Wednesday post to the Hacks Mozilla blog. “Silent updates are currently planned to land in Firefox 13.”

Mozilla unloads a Firefox upgrade every six weeks — it launched Firefox 11 just two days ago — and has Firefox 13′s release on the calendar for June 5, 2012.

Mozilla has been working on silent updating for about 17 months. At one point, it thought it could add the feature to Firefox 4, which shipped in March 2011, but abandoned that work when the upgrade was delayed several times for other reasons.

Late last year, it said it was shooting for silent updating in Firefox 10, which debuted in January. Those plans were also revised, and Firefox 13 was tagged as the new goal.

Some of the components of silent updating have already made it into Firefox: Version 10 debuted automatic add-on compatibility marking, for example.

Implementing silent updating would make Firefox only the second browser to offer the feature. Google’s Chrome has used automatic, in-the-background updates since its September 2008 debut.

Firefox silent updating would let Mozilla deploy emergency security fixes — it calls those “chem spills” — without bothering users, and potentially push more users to each new version.

Microsoft has also jumped on the silent update bandwagon: In December 2011, it announced it would automatically upgrade Internet Explorer (IE) to the newest browser suitable for each version of Windows. Before the scheme’s January debut, Microsoft had asked users for their permission before upgrading IE from one version to the next, even if Windows’ automatic update service was enabled.

Also this week, Mozilla released Firefox 11 with patches for 12 vulnerabilities, nine of them rated “critical.”

For a short time, Firefox 11 faced a launch delay that would have broken Mozilla’s perfect record of meeting release deadlines since it switched to an every-six-week pace last year.

The delay, which Mozilla announced last Monday morning and nixed later the same day, was necessary, said Mozilla, to patch a Firefox bug unveiled at the Pwn2Own hacking contest.

It turned out that Mozilla already knew of the vulnerability exploited by researchers Vincenzo Iozzo and Willem Pinckaers on Pwn2Own’s last day, March 9. Iozzo and Pinckaers rode that exploit to take Pwn2Own’s $30,000 second-place prize.

According to Mozilla’s security advisory, the Iozzo/Pnickaers vulnerability had been discovered earlier by Firefox software engineer Jeff Walden. Mozilla classified the bug as a “memory safety problem” in JavaScript’s “array.join” function.

Mozilla also released Firefox 3.6.28, the latest security update for the two-year-old browser, to patch five or six vulnerabilities. Mozilla’s advisories were unclear on the exact number.

Firefox 3.6 is now officially retired, Mozilla announced yesterday. In notes from a Wednesday planning meeting, the company said, “Firefox 3.6.28 is our last planned 3.6 update (emphasis in original).”

To replace Firefox 3.6 — which many enterprises retained when they balked at upgrading every six weeks — the company has rolled out Firefox ESR, or Extended Support Release, a version that receives only security updates during its 54-week lifespan.

Windows, Mac and Linux editions of Firefox 11 can be downloaded manually from Mozilla’s site. Users running Firefox 4 or later will be offered the upgrade through the browser’s own update mechanism.

The next version of Firefox is scheduled to ship April 24.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg’s RSS feed . His email address is gkeizer@computerworld.com.

See more by Gregg Keizer on Computerworld.com.

More: Browser Topic Center

Read more about Browsers in Computerworld’s Browsers Topic Center.

Article source: http://rss.computerworld.com/~r/computerworld/s/feed/topic/17/~3/PBGKjg4bGqw/Mozilla_will_start_Firefox_silent_updates_in_June

View full post on National Cyber Security » Announcements

Koobface Masterminds Named; Botnet Goes Silent (January 17, 18, & 19, 2012)

Five people have been named as the masterminds behind the Koobface botnet…….

View full post on SANS NewsBites

View full post on National Cyber Security

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?
$15.95

Find Out More, Click Here!