Home > Uncategorized > Security News #0x6A

Security News #0x6A

Learning More
  • Do you want to know some more about reverse engineering MS 10-058, a Windows memory corruption bug? Take a look at the work of Jérémy Fetiveau.
  • Spider Labs has a nice piece on a double free vulnerability in Flash (CVE 2014-0502) caused by some multi-threading in Flash Player.
Industry News
  • Some 162,000 WordPress sites were apparently co-opted into a DDoS attack through their pingback feature. Daniel Cid has a discussion over on the Sucuri Blog, and the Spider Labs Blog has some technical details. You may also want to take a look at Brian Krebs’ take. He is not just a reporter here; his site was on the receiving end of one of these attacks.
  • Threatpost reports that a weak random number generator in iOS 7 reduces the effectiveness of ASLR on the platform. Azimuth Security has some of the details.
  • And if you are not following the Pwn2Own competition, you can catch up a bit at Ars Technica.
Random Humor
  • Mari Huertas picked up on a comment of Tim Berners-Lee at a recent Reddit AmA, and has now declared him the "winner of the Internet". After the laughter subsides, you might want to read the summary Time magazine wrote on the 25th anniversary.
Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: