Adobe critical zero day vulnerability to patch

flash player

Adobe has released over this week security updates to fix critical vulnerabilities in Adobe Flash. The patches are going to address 18 vulnerabilities 15 of them allows remote code execution. CVE 2015-0313 is actively used by attackers to compromise systems

PortEx- Java Library for Static Analysis of PE File

PortEX

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. some of the features are:

GHOST a 14 year old vulnerability in Linux

ghost-vulnerabiity-in-linux

New vulnerability have been discovered by Qualys security researchers called GHOST that affect Linux based systems in the  glibc-2.2 (GNU C Library) since 2000. Ghost allow attacker to control a system without having any credentials. The vulnerability may exist on

Will 2015 Data Security Be Different Than 2014?

Depositphotos_46324909_s

The year 2014 will be remembered for sensitive security breaches with hacks against Sony Pictures and leaked photos of high-profile entertainers from Apple’s iCloud. These data breaches have caused many people to question online security and if it can be

BEST Practices for a Secure Android Phone

What does smartphone security even mean? It could mean that deleted data remains unrecoverable. If that is your definition of security, the Blackberry 10 phones might be a good choice. But perhaps security refers to the fact that no unauthorized

Google Play Store Host Application That Steal Users Account

Google Play is the source for installing application on Android smartphone devices. Malwarebytes security researchers uncovered over this week a malicious application that require  GET_ACCOUNTS permission which allow access to list of accounts. The application claims to be a wallpaper app

Cartero- E-Mail phishing framework

phishing tool

Cartero is a tool that you can use to create and send phishing emails with the command line interface, the framework include several modules and allow user to create their own module as well. the framework include the following features: