Sandboxing News, Articles and Updates
One day after Oracle released a massive security update, which included fixes for a number of Java vulnerabilities, Apple shipped its own update for Java for Mac OS X.
Adobe has advanced its sandbox technologies in the latest Reader and Acrobat editions to deter against data theft. It's also added a number of other security features.
The latest flaw affecting Java SE could allow an attacker to take over machines through a complete security sandbox bypass. But, so far, there have been no reports of active exploits.
One of the most prolific Chrome researchers has netted Google's top prize in its inaugural Pwnium competition. Google promptly patched the bug.
Adobe has added a beta sandbox feature to its Flash Player running in the Mozilla Firefox browser, the company announced Monday
Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.
Adobe and Google have partnered to allow Flash to run with sandboxing technology in the Chrome browser, the two companies announced Wednesday. "This first iteration of Chrome's Flash Player sandbox for all [supported] Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," read a post on The Chromium Blog. The release initially is available to Chrome developer channel users. In November, Adobe released its latest Reader version, X, which includes sandboxing that forces operations that display PDF files to the user to be run inside a confined environment. - DK
SC Magazine Articles
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet
- Ransomware: The evolution of cybercrime, a roundtable
- Researchers find seven classes of vulnerabilities in iOS sandbox security feature
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- Six senators urge Obama to prioritize cybercrime at G20 summit
- Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections
- Privacy advocates upset over FAA drone regulations, citizen takes action
- Voter database hack in Illinois by foreign intruder compromises info of 200K
- Fantom and FairWare ransomware discovered