Exploit acquisition company Zerodium announced it would pay up to $100,000 for heap isolation mitigation bypasses against Adobe Flash Player.
Monthly Archives: January 2016
Zerodium Offers $100,000 for Flash Zero-Day Exploit that Bypasses Mitigations
A well-known company popular for buying and selling zero-day vulnerabilities is now offering up to $100,000 for providing a working zero-day exploit for bypassing the Flash Player’s Heap Isolation mitigation.
Few months back, Adobe deployed Heap Isolation in Flash version 18.0.0209 with an aim at making the Use-After-Free (UAF) vulnerabilities more difficult for cybercriminals to exploit.
Got an Android? I hope you’re patching it
Chances are that many people will have been treated to an Android smartphone over the holiday period, and are already finding that it needs an update to make it work more safely.
The post Got an Android? I hope you’re patching it appeared first on We Live Security.
Obama Orders Feds To Study Smart Gun Technology
VTech Hack: Parents Complain Of Christmas Disappointment
Dutch Govt Says No To Backdoors, Slides $540k Into OpenSSL Without Breaking Eye Contact
Google Rolls Out Five Critical Security Fixes For Nexus Devices
Shipping industry gets its first set of cybersecurity guidelines
A number of leading shipping organizations have developed a set of cybersecurity guidelines to help the industry combat this growing threat.
The post Shipping industry gets its first set of cybersecurity guidelines appeared first on We Live Security.
Sony PlayStation Network offline for 12 hours
It feels like a deja-vu: The PlayStation Network was offline with a hacker group claiming responsibility.
The post Sony PlayStation Network offline for 12 hours appeared first on Avira Blog.
Buffer Overflow in Advanced Encryption Package Software
Posted by vishnu raju on Jan 05
Dear List,
Greetings from vishnu (@dH4wk)
1. Vulnerable Product
– Advanced Encryption Package
– Company http://www.aeppro.com/
2. Vulnerability Information
(A) Buffer OverFlow
Impact: Attacker gains administrative access
Remotely Exploitable: No
Locally Exploitable: Yes
3. Vulnerability Description
The vulnerability resides in the registration part of the product The
product exhibits no input length check and uses…