Tag: Adobe

  • RSA Hack Thoughts

    RSA Hack Thoughts

    I read the article “The Full Story of the Stunning RSA Hack Can Finally Be Told” by Andy Greenberg in Wired and several things stood out to me. So this is my commentary on the article and events that are covered. “It opened my eyes to supply chain attacks.” says Mikko Hypponen, chief research officer…

  • Detecting the Recent Adobe 0-Day (APSA10-01) with Nessus

    Detecting the Recent Adobe 0-Day (APSA10-01) with Nessus

    [This was originally published on the Tenable blog.] On June 4, 2010, Adobe announced a new attack being exploited in the wild that targeted Adobe products, and word spread quickly. Adobe’s security bulletin (APSA10-01) provided few details, but confirmed that attackers were actively exploiting a vulnerability that affected their Flash Player, Adobe Reader and Acrobat.…

  • Adobe, Qualys, CVE, and Math

    [This was originally published on the OSVDB blog.] Elinor Mills wrote an article titled Firefox, Adobe top buggiest-software list. In it, she quotes Qualys as providing vulnerability statistics for Mozilla, Adobe and others. Qualys states: The number of vulnerabilities in Adobe programs rose from 14 last year to 45 this year, while those in Microsoft…

  • Who’s to blame? The hazard of “0-day”.

    [This was originally published on the OSVDB blog.] This blog entry is probably worth many pages of ranting, examining and dissecting the anatomy of a 0-day panic and the resulting fallout. Since this tends to happen more often than some of us care to stomach, I’ll touch on the major points and be liberal in…