Welcome to this week’s security review, which includes an online safety guide for families over the years, the repercussions of last year’s data breach at TalkTalk, and a warning from Adobe of a Flash zero-day vulnerability.

Online safety for families across the years

Looking for a handy guide to cyber-parenting in the 21st century, one that gives you an overview of how best to respond as your child grows? WeLiveSecurity put together just that – top tips for children under the age of five right up to 16. Keep on top of your cybersecurity game, whatever the age of your children.

TalkTalk profits halve following last year’s major cyberattack

cyberattack

Following last year’s major data breach, TalkTalk revealed that the cost of the cyberattack was $60.7 million, highlighting how financially damaging such incidents can be. While profits were down to $20 million compared with $46 million for the same period last year, the company’s chief executive, Dido Harding, remarked that TalkTalk had “bounced back strongly … following the cyberattack”.

Adobe warns of Flash zero-day vulnerability

“As I write this, if you’re running Adobe Flash on your Windows, Mac, Linux or Chrome OS computer you’re potentially at risk,” remarked the independent security analyst Graham Cluley. The expert was commenting on Adobe’s latest security advisory, which stated that a vulnerability had been identified. Mr Cluley said: “Obviously it makes sense to run a layered defence on your computer systems, which includes keeping your antivirus and other software updated.”

Exploiting 1-byte buffer overflows

explotando-buffer-overflows

ESET’s Matias Porolli took readers through the process of “another classic buffer overflow vulnerability”. This, he explained, is where the ebp register is moved to execute a arbitrary code.

After authentication comes authorization and access control

In the second part of her series on the Four “A”s of Account Management, ESET’s Lysa Myers shifted her focus to authorization and access control. The security expert explained that these relate to enforcing access policies, adding: “To have successful authorization and access control schemes, you need two things: good authentication, and good policies.”

Top tech firms ordered to disclose approach to mobile patches

smartphone

Apple, Blackberry, Google, HTC America, LG Electronics USA, Microsoft Corp, Motorola Mobility and Samsung Electronics America were “ordered” to disclose their approach to mobile device security updates. The Federal Trade Commission made the request, explaining that this is seeks greater transparency and understanding of this process across the most successful mobile device providers.