Security – Page 1765 – Computer Security Articles

Fortinet security researcher Kai Lu discovered and reported two critical zero-day vulnerabilities in Adobe Flash Player in November 2016. Adobe identified them as CVE-2017-2926 and CVE-2017-2927 and released a patch to fix them on January 10, 2017. Here is a brief summary of each of these detected vulnerabilities. CVE-2017-2926 This is a memory corruption vulnerability found in Flash Player’s engine when processing MP4 files. Specifically, the vulnerability is caused by a MP4 file with a crafted sample size in the MP4 atom…

Fortinet Security

January 18, 2017 admin

Analysis of ISC BIND TKEY Query Response Handling DoS (CVE-2016-9131)

Another TKEY record-related bug in BIND has been fixed with a patch from the Internet Systems Consortium (ISC) that was released just after the New Year. This bug may take down BIND recursive servers by sending a simple query response with TKEY record, thereby causing a denial of service (DoS). This potential DoS vulnerability is caused by an assertion failure in Resolver.c when caching the DNS response with TKEY Record. In this post we will analyze the BIND source codes and expose the root cause of this vulnerability. The TKEY record…

Security TrendMicro

January 18, 2017 admin

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for…

Security TrendMicro

January 18, 2017 admin

Everyone Is $$$ To Cybercriminals Using Ransomware

I used to love sitting on the floor and watching Saturday morning cartoons. One of my favorite gags was when a character got really, really hungry. In order to emphasize the point, everything and everyone around them turned to food. The newspaper stand owner became a large hand. The baby in a stroller was suddenly…

Security TrendMicro

January 18, 2017 admin

Is Your Organization Prepared When the Extortionists Come Calling?

In 2016, Trend Micro partnered with ISMG to conduct a survey of financial, healthcare, and government organizations to better understand the challenges they are facing with ransomware. Some of the results surprised us while others were somewhat expected based on what we’ve saw throughout 2016. We all know ransomware has been a major pain for…

Security TrendMicro

January 18, 2017 admin

The January 2017 Security Update Review

Stick to your New Year’s resolution of understanding all there is about security patches and join us in taking a look at the security updates released by Adobe and Microsoft for the month of January 2017. Microsoft Patches for 2017 After a record setting 2016, the folks in Redmond start 2017 off by releasing only…

Security TrendMicro

January 18, 2017 admin

Pwn2Own Returns for 2017 to Celebrate 10 Years of Exploits

We are nine weeks away from Pwn2Own™ 2017 returning to CanSecWest, which is celebrating its 10th anniversary this year. A lot has changed in the world since the first Pwn2Own in 2007. The computing space has changed drastically, as well. The first Pwn2Own happened before Conficker or Stuxnet. It happened before the rise of nation-state…

Security TrendMicro

January 18, 2017 admin

When the Chips are Down, We Pull Together: Trend Micro’s Corporate Responsibility

We live in challenging times. The pressures facing us all individually, and society as a whole, have never been greater, and at times, we’ve never seemed more fractured and destructive. In such times, it is easy to pull back, focus inward and look after number one. However, in truth it has never been more important…