Adobe Updates April 2014

This month’s Adobe Patch Tuesday revolves around Flash. This means the zero-days used by VUPEN to exploit Adobe Reader at CanSecWest last month go unpatched. CVE-2014-0506 and CVE-2014-0507 deal with remote code execution and were both used separately at CanSecWest’s… Read Full Article

Trust. Trust. Trust

Over the past week or so I’ve been to TrustyCon, Jeffrey Carr’s town-hall debate on Privacy v National Security and Georgetown’s conference on International Engagement on Cyber. All these conferences had trust as a major focal point. Trust in the… Read Full Article

November Adobe Patches

This month’s Adobe Security Update round is a relatively quiet one, in contrast to the Microsoft patch cycle. There are two bulletins, one affecting Flash Player and one affecting ColdFusion. After the discovery of a major breach at Adobe recently some would perhaps… Read Full Article

NSAccess Control Lists

Last week, I attended the International Conference on Cyber Security at Fordham University in NYC. This event brought together participants from government, the private sector and academia. The closing session was a panel featuring the directors of the CIA, FBI and NSA… Read Full Article