Don’t get me wrong.. It is not ready yet.. This is just the preview for one of the components
According to a research published by Trusteer earlier this month, 79.5% of the 2.5 million users of their Rapport security service run a vulnerable version of Adobe Flash, with 83.5% also running a vulnerable version of Acrobat.
The company has also criticized Adobe by insisting that their update mechanism “does not meet the requirements of a system that is used by 99% of users on the Internet and is highly targeted by criminals“, but is praising the update mechanism of Google’s Chrome and Firefox, whose silent updates close the window of opportunity for malicious attackers to take advantage of.
[Read more HERE]
A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyzed it (thanks to Peter Kruse of CSIS for the samples).
The worm was first identified on a popular Chinese social web site (for schools, if I’m not wrong), Renren (http://www.renren.com). This site is in many ways similar to Twitter or Facebook, but much more media intensive and it allows users to share various information, including pictures, movies etc.
[Read more HERE]
I’ve stumbled across a small security vulnerability in Facebook that, after some thought, turned out to be a way to launch a powerful and surprising attack.
The attack allows personal information including full name, profile picture, and friends list to leak to an eagerly awaiting hacker. The uniqueness of this attack, is that the unaware user’s data may be stolen when she is surfing a legitimate, trusted site, not a site controlled by the attacker.