Adobe Released Security Bulletin to Patch Multiple Vulnerable Products

Posted by Avik Sarkar On 8/12/2011 03:26:00 am

Adobe released a security bulletin to patch their multiple vulnerable products. Here are the list with detail information of those products.
  • APSB11-19 – Security update available for Adobe Shockwave Player (Critical)
  • APSB11-20 – Security update available for Adobe Flash Media Server (Critical)
  • APSB11-21 – Security update available for Adobe Flash Player (Critical)
  • APSB11-22 – Security update available for Adobe Photoshop CS5 (Critical)
  • APSB11-23 – Security updates available for RoboHelp (Important)
Security update available for Adobe Shockwave Player:-
 
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.6.0.626 and earlier versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Adobe recommends users of Adobe Shockwave Player 11.6.0.626 and earlier versions update to Adobe Shockwave Player 11.6.1.629.

Security update available for Adobe Flash Media Server :-

A critical vulnerability has been identified in Adobe Flash Media Server (FMS) 4.0.2 and earlier versions, and Adobe Flash Media Server (FMS) 3.5.6 and earlier versions for Windows and Linux.
This vulnerability could allow an attacker, who successfully exploits the vulnerability, to cause a denial of service on the affected system. Adobe has provided an update to address the reported vulnerability and recommends that users update their installations to Flash Media Server 4.0.3 or 3.5.7 respectively.

Security update available for Adobe Flash Player :-

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.25 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe recommends users of Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 10.3.183.5. Users of Adobe Flash Player for Android 10.3.185.25 and earlier versions should update to Adobe Flash Player for Android 10.3.186.3. Users of Adobe AIR 2.7 for Windows and Macintosh, should update to 2.7.1 and users of AIR 2.7 for Android should update to Adobe AIR 2.7.1.1961.

Security update available for Adobe Photoshop CS5 :-

A critical vulnerability has been identified in Photoshop CS5 and CS5.1 (12.0 and 12.1) and earlier for Windows and Macintosh that could allow an attacker who successfully exploits this vulnerability to take control of the affected system. To successfully exploit this vulnerability, an attacker would have to convince a user to open a malicious .GIF file in Photoshop CS5.

Security updates available for RoboHelp :-

An important vulnerability has been identified in RoboHelp 9 (versions 9.0.1.232 and earlier), RoboHelp 8, RoboHelp Server 9 and RoboHelp Server 8. A specially crafted URL could be used to create a cross-site scripting attack on RoboHelp installations. 

-News Source (Adobe & Help Security)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Websites hacked By ErroR (TGH)

Posted by Avik Sarkar On 8/12/2011 12:04:00 am

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

XSS Vulnerability Found On linux.com

Posted by Avik Sarkar On 8/11/2011 11:40:00 pm

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Everest Associates Of India Hacked By Master Mind (PCF)

Posted by Avik Sarkar On 8/11/2011 07:10:00 pm


Everest Associates Of India Hacked By Master Mind of Pak Cyber Force (PCF)

Hacked Site
 
http://www.everestassociates.i​n/
Mirror Link
 
http://www.zone-h.org/mirror/i​d/14645725

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Skype 5.3 Client Released for Apple Mac OS X Lion

Posted by Avik Sarkar On 8/11/2011 07:00:00 pm



(VoIP) outfit Skype has updated its client software for Apple Mac users to version 5.3, which brings support for Mac OS X 10.7 Lion. The latest version of the internet chat software provides a number of fixes and improvements to the interface according to Skype. It also includes support for high definition (HD) video calls, provided you have an HD webcam.
"On the heels of our recent update to Skype 5.2 for Mac OS X, we are pleased to announce that we are making even more improvements to our Mac client with the release of Skype 5.3 for Mac OS X."

It's been just over a month since Skype launched version 5.2. If you haven't got Mac OS X Lion, the latest version of Apple's operating system, then Skype 5.3 is compatible with older versions going back to Leopard.
Other features of the software include group video calling and group screen sharing, for an extra cost. Skype recently made a deal with Microsoft and Facebook has integrated Skype into its social networking web site for video chat. Meanwhile, Windows users are up to Skype client version 5.5, which includes instant messaging to Facebook friends.


To see the Skype blog statement click here
To download Skype for MAC click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Recovery Disk Tool of Mac OS X Lion By Apple

Posted by Avik Sarkar On 8/11/2011 07:00:00 pm


Apple Inc. on Monday released Lion Recovery Disk Assistant software to enable the users of its latest Mac OS X 10.7 Lion create recovery partitions on external storage devices.
The latest utility offered by the Cupertino, California-based iPhone maker will prove beneficial to Mac Lion users in case their hard drives go kaput.
The software will run every function that a built-in recovery drive in the Lion OS does like re-installing the OS, repairing the drive, restoration from Time Machine storage.

The Lion Recovery Disk Assistant software is available on company’s website for free download. Mac owners can easily use the utility with the help of a flash drive of minimum 1 GB storage space or more. Hard drives connected via a data cable can also be put to use.

"This drive can be used in the event you cannot start your computer with the built-in Recovery HD, or you have replaced the hard drive with a new one that does not have Mac OS X installed," Apple stated on its website.
Apple has warned its users that the new utility software will erase already stored data on the external hard drive therefore it is advisable to back up all the existing data. The recovery tool can be downloaded from the link here.

Fore More information about Lion recovery Disk Software click Here

-News Source (IT-Portal) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

WikiLeaks spokesperson Daniel Started OpenLeaks For Testing & Invites 3000 Hackers To Attack It

Posted by Avik Sarkar On 8/11/2011 07:00:00 pm

WikiLeaks spinoff OpenLeaks may be long delayed from its initial plans for launch early this year. But the whistleblower project is far from dead. In fact, the volunteers behind the site would like, very literally, to see you try and kill it. At the Chaos Communications Camp hacker conference in Finowfurt, Germany Wednesday, former WikiLeaks spokesperson Daniel Domscheit-Berg launched four days of public testing of OpenLeaks.org, in partnership with four European newspapers and one non-profit group that have signed on as the initial round of outlets who will use the site’s tools to receive documents that sources wish to anonymously send them.
OpenLeaks’ testing won’t just be a mere tryout of the site’s submissions functions so much as a trial by fire: Domscheit-Berg plans to invite the 3,000 security-minded types at the German conference and anyone other willing hackers around the world to actively probe the site and seek out its vulnerabilities in a crowd-sourced penetration test. If they can demonstrate flaws that could damage its stability, its data’s security or, perhaps most importantly, the anonymity of its sources, those testers are asked to alert OpenLeaks’ team and help get the flaws fixed.

Update: the testing site will be live for now not at OpenLeaks.org, but on the Tageszeitung website here.

We need to be sure for the people who use such a system that it can’t be compromised,says Domscheit-Berg. “Whistleblowers are the ones who take the risks. And they’re the ones that get screwed if something goes wrong. So it’s inherently important for us to make these people as comfortable as possible.”
OpenLeaks also announced for the first time the names of its media partners: German newspapers Die Tageszeitung and the weekly Der Freitag, Danish paper Dagbladet Information, the Portugese newsweekly Expresso, as well as the German food- and environment-focused non-profit Foodwatch. Five other organizations are in talks with the group, Domscheit-Berg says. OpenLeaks’ security depends on those outlets as much as on Domscheit-Berg’s group of hackers. Reiner Metzger, one of three editors-in-chief of Tageszeitung, for instance, says that the paper had to remove many of the cookie-planting elements on its website, and create a “fog” of cover traffic to protect leakers. “We’ve really connected with OpenLeaks on the technological and the editorial level,” Metzger says.

Even after OpenLeaks’ testing week, Domscheit-Berg warns the site won’t be ready to go live, and the group won’t name a launch date. That may be seen as another frustrating delay for some who expected the site to start accepting WikiLeaks-style leaks as early as January. But Domscheit-Berg, who left WikiLeaks last September after a fallout with its founder Julian Assange, says that OpenLeaks won’t rush to launch at the expense of polishing the site’s security. “We stated much too early that we were going to be online,” says Domscheit-Berg. “If you want to do this correctly, it takes time.”

The group, which varies at times between five and seven volunteers, is creating tools not just for anonymous leaking but also the entire chain of submission and publishing. That includes secure ways for media partners to receive the documents so that they can decrypt it but OpenLeaks can’t, and application for them to redact the documents permanently and collaborate securely.
The difficulty of properly locking down a leak-focused site has been demonstrated in cringeworthy detail in attempts at similar projects by Al Jazeera and the Wall Street Journal. Both those outlets’ leak conduits have been criticized by the security community for making basic security mistakes and including legal fine print that fails to fully protect leakers from being exposed.
Domscheit-Berg argues that leaking sites’ security measures don’t need to be as tight as WikiLeaks’ were during Domscheit-Berg’s time with the group–they need to be tighter. Adversaries of leaking like corporations, law enforcement and intelligence, he says, have ramped up their security measures in the wake of WikiLeaks record-breaking breaches. “WikiLeaks appeared out of nowhere,” says Domscheit-Berg. “It cause a lot of new problems no one had thought about before. Now they’ve thought about this whole thing for a bit. The dust has settled. And it will never be as easy again.”

That means facilitating leakers needs to become more systematic and rigorous, Domscheit-Berg says. Later this week at the Chaos Communications Camp, OpenLeaks plans to hold a workshop for leaking sites, inviting hackers to spend a few hours probing other WikiLeaks copycat sites that have asked to be audted for flaws and creating a “best practices” checklist for anonymity and security.

--News Source (Forbes)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search