Google showed a great deal of confidence ahead of the CanSecWest conference this year when it announced plans to offer up to $1 million in rewards for a successful exploit against its Chrome browser. The company even launched its own Pwnium contest. Continue reading Google’s Chrome Web Browser Hacked at CanSecWest
A dangerous zero-day Flash attack revealed yesterday by Adobe patched along with other flaws in the application is the dreaded and relatively rare universal cross-site scripting (XSS) threat. The vulnerability was spotted being exploited in the wild in targeted, email-based attacks.
Universal XSS attacks spread via browsers or plug-ins, so they can affect any website, regardless of whether it harbors inherent XSS flaws. Adobe’s patch for the flaw was issued late yesterday, one day after it had issued updates for Acrobat and Reader in its regularly scheduled patch release. Continue reading Zero-Day Used In Targeted Email Attacks on Adobe Flash
Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which the most dangerous one allows remote code execution. You can see Symantec’s advisory here.
Now, for last couple of weeks there have been a lot of rumors about source code of several Symantec’s products that got stolen by yet unknown hackers. Besides a post that listed file names nothing else has been released in public yet, as far as we know. Continue reading pcAnywhere users – patch now!