How many of you out there, perform a computer restart when you are prompted to do so after a software installation or update (unless forced to)? Well, if you're guilty of not doing so, you may seriously want to consider doing so from now onwards.
Some findings revealed:
"While it is true that the Adobe Download Manager is removed upon computer restart, the user, who has just updated their Adobe product (usually without the requirement to restart the computer after the update), is still exposed to forced automatic installation until they restart their computer."
"On the same day I published my last blog post, I found yet another issue — a remote code execution flaw in the Adobe Download Manager. Basically, what I found is that an attacker can force an automatic download and installation of ANY executable he desires. So, if you go to Adobe’s website to install a security update for Flash, you really expose yourself to a zero-day attack."
Full report here.
skip to main |
skip to sidebar
netizens left a footprint.
If you're lazy to hack, get all the news here!
= Why =
As a super user of the Information Highway, I hope to share my knowledge, inculcate the security culture, and to create security awareness amongst the less savvy users.
Welcome, if you're lazy to hack. :)
Welcome, if you're lazy to hack. :)
:: Twitter Feed ::
= Latest Virus Alerts =
= Safe Web Browsing Tips =
= Daily Reads =
- Security Focus
- Dark Reading
- SecurityPro News
- Net-Security
- Hacker Journals Newspaper
- MadMark's Blog
- Naked Security (Sophos)
- Sunbelt Blog
- Harry Waldron - IT Security
- Optimal Security : the Lumension Blog
- TrendLabs Malware Blog
- MX Labs - Acquired taste for SPAM viruses
- IT & Security Portal
- CSIRT
- NIST
- SANS Forensics
- HackInTheBox
- BlogSecurity.Net
- RSA: Speaking of Security
- Roger's InfoSec Blog
- Snapcrackerz
- Reverse Engineering (misunderstood)
- Hacking for Windows
- Cybexin Security Blog
- Security Monkey
- High value RSS feeds list
= On the go =
= Archives =
-
▼
2010
(213)
-
▼
February
(13)
- Rootkit-based Exploits Could Eavesdrop Smartphones
- Skeletons in Adobe's security closet
- How to Alert Connections of a Social Network Hack
- Imminent flood of smartphone malware?
- Google Attack Traced To Chinese Schools
- Microsoft Investigating Possible Breach Of Windows...
- Facebook users targeted by fake AV
- Spammers Make Situation Iffier For Google Buzz
- Security updates for Adobe Reader and Acrobat
- Various Olympics Related Dangerous Google Searches
- Adobe pushes out Flash security fix
- A Perfect Valentine’s Day
- Twitter, Google and Hi5 being abused in Prolaco wo...
-
▼
February
(13)
Labels
- 2FA (5)
- Acrobat reader (16)
- Adobe (29)
- Adware (1)
- Aerospace (2)
- AirDrop (1)
- AISP (1)
- Alphabet (1)
- Amazon (5)
- Android (40)
- Anonymous (4)
- anti-phishing (2)
- antivirus (14)
- AOL (3)
- Apple (73)
- Apple Pay (1)
- AppStore (2)
- APT (4)
- Ashley Madison hack (3)
- AsiaPac (2)
- Asus (1)
- AT&T (1)
- Aurora (6)
- Australia (2)
- AVG (3)
- badUSB (3)
- Baidu (1)
- Bank (2)
- Bash Bug (5)
- bebo (1)
- biometric (1)
- BitTorrent (2)
- Blackberry (5)
- Blackhat Asia (1)
- Blackhole (2)
- blogging (4)
- Blu-ray (1)
- bootable CDs (5)
- Bootkit (1)
- bot net (15)
- breach (39)
- brute force (3)
- BSOD (1)
- car alarms (1)
- Care2.com (1)
- CelebGate (7)
- Censys (1)
- Child safety (1)
- China hacking (21)
- Cisco (2)
- clickjacking (4)
- Cloud computing (5)
- Cloud Security (8)
- Conference (1)
- conficker (6)
- Conventions (5)
- cracking (2)
- CryptoLocker (3)
- Cyber Threat Alliance (1)
- CyberSecurity (12)
- Cybersquatting (1)
- D-link (1)
- data theft (34)
- DDOS (9)
- defaced website (7)
- defcon (1)
- Dell (1)
- directory harvesting attack (1)
- DIY (1)
- DNS cache poisoning (2)
- downadup (5)
- Drive-by attack (4)
- Dropbox (2)
- eBay (2)
- education (1)
- email (24)
- encryption (10)
- espionage (3)
- events (9)
- exploit (11)
- facebook (97)
- facebook messenger (1)
- FaceTime (1)
- fake jobs (1)
- fakeAV (1)
- FireEye Optus (2)
- firefox (11)
- Flash (8)
- Fortinet (1)
- fraud (8)
- free download (7)
- freeware (2)
- friendster (14)
- FrP (1)
- Gartner (1)
- Ghost (1)
- GitHub (1)
- gmail (12)
- google (59)
- Google buzz (1)
- google chrome (11)
- google earth (1)
- Google+ (1)
- Government Initiatives (5)
- GPS (1)
- GSM (3)
- hack (2)
- hacked (40)
- hardware (1)
- Hi5 (2)
- hoax (8)
- hotmail (5)
- HTTPS (1)
- iCloud (11)
- identity theft (70)
- illegal software (2)
- infection (47)
- Instagram (2)
- Internet (2)
- internet explorer (25)
- Internet of Things (4)
- Investment (1)
- iOS (19)
- IoT (4)
- iPad (6)
- IPcam (1)
- iphone (45)
- iPhone 5 (2)
- iPhone 6 (6)
- ISIS (2)
- ISP (1)
- ITSC (1)
- iTunes (6)
- iWorm (1)
- jailbreak (4)
- Japan (1)
- Japan Airlines (1)
- Java (1)
- javascript (8)
- Kaspersky (1)
- keylogger (1)
- kids (1)
- Kindle (1)
- koobface (1)
- leaked (3)
- Legacy (1)
- Lenovo (2)
- LinkedIn (1)
- Linux (18)
- Lizard Squad (1)
- Lollipop (2)
- Lulzsec (2)
- Lumia (1)
- Mac OS (12)
- Malaysia Airlines (1)
- malicious code (36)
- Malware (27)
- megaupload (1)
- microsoft (39)
- microsoft office (3)
- MITM attack (1)
- mobilephone (41)
- mouse (1)
- MPAA (1)
- msn (3)
- myspace (11)
- myyearbook (1)
- NAS (1)
- NASDAQ (1)
- Natural disaster (5)
- Netflix (1)
- NICs (1)
- Nokia (3)
- North Korea (2)
- NSA (2)
- Online shopping (3)
- opera (1)
- Operation Pawn Storm (1)
- OS X (2)
- Osama bin Laden (1)
- P2P (1)
- password (22)
- Paypal (2)
- pcAnywhere (1)
- phishing (51)
- Photoshop (1)
- Pinterest (2)
- piracy (1)
- Playstation (3)
- Political (2)
- powerpoint (1)
- privacy (25)
- PwC (1)
- Pwn2Own (4)
- Quicktime (1)
- ransomware (7)
- RIAA (2)
- rootkit (8)
- Routers (2)
- RSA (4)
- safari (8)
- samsung (2)
- scam (54)
- scareware (4)
- Search Engine Optimization (1)
- Search engine poisoning (10)
- security awareness (8)
- Security Operation Centre (4)
- self muse (1)
- seminar (1)
- SEO (1)
- ShellShock (5)
- Shodan (1)
- Shortened URL (1)
- Silent Circle (1)
- Singapore (9)
- Singtel (2)
- Siri (1)
- skype (6)
- Smartphone (23)
- sms (6)
- SnapChat (1)
- Snappening (2)
- social engineering (13)
- social networking (70)
- Sony (7)
- Sony Ericsson (2)
- SOPA (1)
- spam (29)
- spoofing (1)
- spyware (7)
- SQL (6)
- SQL injection (4)
- SSH backdoor (2)
- Stagefright (3)
- Steam (1)
- Stratfor (2)
- SuperFish (2)
- surveillance (2)
- Symantec (9)
- Techdays (2)
- terrorist (1)
- thoughts (2)
- ThuderBolt (1)
- tips (1)
- Tor (1)
- TorLocker (2)
- training (1)
- trojan (46)
- tumblr (2)
- Twitch (1)
- twitter (44)
- typosquatting (1)
- U2 (1)
- Unix (6)
- USB (9)
- virus (30)
- visibility (1)
- VOIP (1)
- vulnerability (12)
- war texting (1)
- Web Application Scanner (1)
- web browser (19)
- Whatsapp (5)
- WiFi (5)
- Windows (8)
- Windows 10 (1)
- Windows 7 (9)
- Windows 8.1 (2)
- Windows Live (1)
- Windows mobile (3)
- Windows Phone (1)
- Windows Vista (2)
- wireless (2)
- WireLurker (4)
- word (2)
- WordPress (9)
- worm (8)
- WormHole (1)
- Xbox (2)
- Xcode (1)
- XSS (4)
- yahoo (12)
- Yahoo Messenger (1)
- Youtube (6)
- zero day (12)
- zero day plus one (1)
netizens left a footprint.
= Disclaimer =
The author is not responsible for the actions, content or accuracy of the opinions expressed in Lazy2Hack, nor for privacy policies, products or services or for any damages or losses, directly or indirectly, caused or alleged to have been caused as a result of your use or reliance on such information. The views, conclusions, findings and opinions of the author are solely those of the author and do not necessarily reflect the views of the government of the author's local precinct or any other organization which the author may represent.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.
This website/blog includes links to other sites operated by third parties. These links are provided as a convenience to you and as an additional avenue of access to the information contained therein. The author has not reviewed all of the information on other sites and are not responsible for the content of any other sites or any products or services that may be offered through other sites. The inclusion of these links in no way indicates their endorsement, support or approval of the contents of this site or the policies or positions of Lazy2Hack.
The author reserves the right to edit, remove or deny access to content that is determined to be, in his sole discretion, unacceptable.