Information Security in Today's Digital Culture
Header

If you haven’t heard about it by now, let me clue you in: Java is a security nightmare. A few days ago, a zero-day exploit for Java 7 became widely-known. The exploit bypasses Java 7’s security sandbox and permits attackers to download and execute code without user interaction. The attack is already available in Metasploit …
Read more

You know it’s a bad week when circumstances warrant two Security Advisory posts.  There is a zero-day vulnerability making the rounds that affects Adobe Acrobat and Acrobat Reader versions 9.  The exploit arrives in a PDF file and exploits the ability of Acrobat to run JavaScript embedded in PDF files.  The vulnerability can be completely …
Read more

Microsoft recently released a patch for security issue MS09-002 which is a vulnerability in Internet Explorer 7 that allows remote code execution.  There is now an exploit in the wild for this vulnerability.  The current version of this exploit steals personal data and exfiltrates it to a remote site.  I would expect that RBN and …
Read more