An 0-day in IE and an 0-day in Flash; two approaches to fixing OpenSSL after Heartbleed; how to get a free pass to Infosec Europe 2014; and why security happens by design and not by accident! Join Chet and Duck for another podcast in the weekly Chet Chat series…
Daily Archives: April 29, 2014
Apple fixes hole that leaked employees’ and developers’ personal info
Apple quietly slipped its Developer Center offline on Sunday night to patch a serious security hole that let anybody access personal contact information for any registered Mac, iOS or Safari developer; every Apple Retail and corporate employee; and some key partners.
AOL Mail accounts breached, users advised to change passwords
AOL users, change your passwords. AOL said it is investigating a large-scale breach of AOL Mail accounts in which user passwords, security questions, mail addresses, and contact lists were compromised.
Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash
Hot on the heels of Microsoft’s IE zero-day announcement comes an Adobe bulletin about a zero-day in Flash. (No, they’re *not* related, even though the current IE exploits use a Flash file to kick things off.)