Adobe and Microsoft have both released patches this week to address vulnerabilities in respective software applications and advise all users to apply the patches as soon as possible, if applicable to them.

The Reuters news agency reported earlier today a sudden increase in violent and pornographic images and videos on Facebook.  A quick review of my personal account and a check-in with my other Facebook-wielding colleagues revealed a couple of nothing more than a couple of suggestive pictures, complete with snarky comments embedded in them, from the

A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego.  The threat is a trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware the Flashback attack uses social engineering to entice the user to download then install

Our friends (and competitors) at Sophos blogged about a new threat that poses as a Windows Update and then infects unsuspecting users with a fake antivirus product. The update appears to be very real and is tricking users. While my colleagues at Sophos offer excellent advice to help people protect themselves (as I believe we

I didn’t expect a part 5, but here it is! Adobe has announced that they will be making some significant changes to Flash. In a blog post http://blogs.adobe.com/flashplatform/2011/01/on-improving-privacy-managing-local-storage-in-flash-player.html Adobe’s marketing machine really pours it on thick, but there appears to be some good news. In the blog it is stat4ed that a future release of

In the first part of this blog I told you how to use the basic Flash configuration utility. This blog is for the techies. This time I’ll share with you how to shut the doors on Flash and only open them to the sites you want to trust. Very few people seem to know that

Adobe Flash is, in my opinion, the most ubiquitous spyware in the world and no products detect it as such. The reason it goes undetected is that it also has numerous legitimate uses, however, there is growing evidence that indicates significant abuse. This will be the first in a series of blogs in which I

Adobe has just released an update for 20 vulnerabilities in Shockwave Player, most of which could allow an attacker to execute malicious code. The bulletin APSB10-20 – Security update available for Shockwave Player – refers. According to Jeremy Kirk's Macworld report and the Adobe advisory, the vulnerabilities affect both Windows and OS X versions up to

Adobe, when I disable JavaScript, STOP SILENTLY RE-ENABLING IT WHEN YOU UPDATE….

Adobe's Product Security Incident Response Team (PSIRT) reports  that malicious emails are circulating claiming to be Adobe security updates, many of them signed by "James Kitchin" of "Adobe Risk Management", or a similar (presumably mythical) team. Adobe says that the messages include links to download instructions for a security update that addresses "CVE-2010-0193 Denial of Service