no-image

Adobe Updates April 2014

This month’s Adobe Patch Tuesday revolves around Flash. This means the zero-days used by VUPEN to exploit Adobe Reader at CanSecWest last month go unpatched. CVE-2014-0506 and CVE-2014-0507 deal with remote code execution and were both used separately at CanSecWest’s… Read Full Article

no-image

Trust. Trust. Trust

Over the past week or so I’ve been to TrustyCon, Jeffrey Carr’s town-hall debate on Privacy v National Security and Georgetown’s conference on International Engagement on Cyber. All these conferences had trust as a major focal point. Trust in the… Read Full Article

no-image

November Adobe Patches

This month’s Adobe Security Update round is a relatively quiet one, in contrast to the Microsoft patch cycle. There are two bulletins, one affecting Flash Player and one affecting ColdFusion. After the discovery of a major breach at Adobe recently some would perhaps… Read Full Article

no-image

NSAccess Control Lists

Last week, I attended the International Conference on Cyber Security at Fordham University in NYC. This event brought together participants from government, the private sector and academia. The closing session was a panel featuring the directors of the CIA, FBI and NSA… Read Full Article