One day after Oracle released a massive security update, which included fixes for a number of Java vulnerabilities, Apple shipped its own update for Java for Mac OS X.
Adobe has advanced its sandbox technologies in the latest Reader and Acrobat editions to deter against data theft. It's also added a number of other security features.
The latest flaw affecting Java SE could allow an attacker to take over machines through a complete security sandbox bypass. But, so far, there have been no reports of active exploits.
One of the most prolific Chrome researchers has netted Google's top prize in its inaugural Pwnium competition. Google promptly patched the bug.
Adobe has added a beta sandbox feature to its Flash Player running in the Mozilla Firefox browser, the company announced Monday
Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.
Adobe and Google have partnered to allow Flash to run with sandboxing technology in the Chrome browser, the two companies announced Wednesday. "This first iteration of Chrome's Flash Player sandbox for all [supported] Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," read a post on The Chromium Blog. The release initially is available to Chrome developer channel users. In November, Adobe released its latest Reader version, X, which includes sandboxing that forces operations that display PDF files to the user to be run inside a confined environment. - DK
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Intelligence court affirms FBI's right to search Americans' emails without a warrant
- Most orgs couldn't quickly detect breach, study
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- 3,000 Tidewater Community College workers victimized in W-2 scam
- Ransomware rampant, but chinks found in its armor
- Mining company's data is more valuable than gold
- PCI DSS version 3.2 release extends multifactor authentication requirement
- RSA EMEA Summit: Writing a security strategy that will make Vivaldi proud
- U.S. CIO hints federal adoption of 'bimodal IT' to balance old and new tech