Articles about Adobe

Sales staff exodus at PernixData as Nutanix gobbles up caching biz

Analysis Amid mounting evidence that Nutanix has bought PernixData, both companies are still keeping their lips firmly and officially sealed. Pernix insiders and several well-placed industry sources have now confirmed the acquisition privately to The Register. Separately, Dan Edson – senior director of marketing operations, automation …
Chris Mellor, 04 Aug 2016

Hackers detail the blood and guts of the 2016 Pwn2Own exploit expo

Black Hat Zero Day Initiative researchers have detailed the winning hacks of this year's Pwn2Own competition, painting a picture of broken browsers and owned systems. The quartet of Matt Molinyawe, Abdul-aziz Hariri, Jasiel Spelman, and Jason Smith of Trend Micro's Zero Day Initiative vulnerability clearing house detailed and …
Darren Pauli, 04 Aug 2016
Giant burger

Juniper Networks grabs silicon photonic developer Aurrion

Juniper Networks is jumping into the silicon photonics business, with the acquisition of fabless designer Aurrion. Founded back in 2008 by Intel/IBM alumnus Dr Alexander Fang, Aurrion has spent the last eight years developing and commercialising indium phosphide-based (InP) transceivers. Integrating InP into silicon …
Image by gyn9037 http://www.shutterstock.com/gallery-691846p1.html

Odds are your office is ill-prepared for network-ransacking ransomware

Organizations are unprepared for future strains of more sophisticated ransomware, a report by Cisco warns. The networking giant's 2016 Midyear Cybersecurity Report concludes that the next wave of ransomware is expected to be more pervasive and resilient. While current strains typically infect a single computer, future …
John Leyden, 26 Jul 2016

Firefox to banish hidden Flash files – and kill off sneaky ad snoopers

Firefox will next month automatically block invisible Flash content that users cannot see when loading a page, says Mozilla as it continues its campaign against Adobe's plugin. This should protect netizens from dodgy webpages that load hidden malicious Flash files that attempt to infect their computers with malware or perform …
Shaun Nichols, 20 Jul 2016
Mr Robot: Credit USA Network

World's worst exploit kit weaponises white hats' proof of concept code

The new wearer of the crown for World's Worst Exploit Kit is compromising users with exploit code for a dangerous new attack published by a white hat researcher. Neutrino is the new king of for-profit p0wnage packages, a market in which criminals create tools to compromise scores of users through the latest vulnerabilities. …
Darren Pauli, 18 Jul 2016
Confused/annoyed looking man looks irritated during outage. Photo via Shutterstock

Since you love Flash so much, Adobe now has TWO versions for you

Adobe says a buggy installer is the reason some people have two different versions of Flash Player on their Windows PCs. The software house told The Register it had to create an additional build of the browser plugin specifically for Microsoft's Internet Explorer after the version made for other browsers – such as Mozilla's …
Shaun Nichols, 15 Jul 2016
Woman watches TV with cat, uses remote to change channel. Photo by Shutterstock

Ad blockers responsible for rise in upfront TV ad sales, claims report

The upfront market for broadcast and cable networks has taken an unexpected U-turn from last year’s dip, seeing an increase in advertising sales of $800m to $18.6bn in the most recent completion. According to research firm Media Dynamics, this 4.5 per cent increase in TV ad revenue is a blow to OTT video platforms on PCs and …
Faultline, 15 Jul 2016
Office Space

It's 2016 and Windows lets crims poison your printer drivers

Among the Microsoft messes addressed in latest round of Patch Tuesday updates is a real doozy that allows remote attackers to compromise Windows machines thanks to a critical security vulnerability affecting printer drivers. The flaw is found in all desktop Windows since Vista and Windows Server since 2008 and means …
Darren Pauli, 13 Jul 2016
Cthulu emerges from a printer. Image created by illustrator Andy Davies. Copyright: The Register

Webpages, Word files, print servers menacing Windows PCs – yup, it's Patch Tuesday

Microsoft will fix critical holes in Internet Explorer, Edge, Office and Windows with this month's Patch Tuesday security bundle. Meanwhile, Adobe has patched dozens of exploitable vulnerabilities in its Flash player. Redmond's July release includes 11 sets of patches, six rated as "critical" and five classified as "important …
Shaun Nichols, 12 Jul 2016
shutterstock_184661174

Huawei promo photo goof

Huawei has removed a promotional image for its Leica-branded smartphones that was actually shot by a costly professional Canon SLR kit. The Google+ post boasted that, "We managed to catch a beautiful sunrise with Deliciously Ella. The #HuaweiP9’s dual Leica cameras makes taking photos in low light conditions like this a pleasure …
Andrew Orlowski, 05 Jul 2016
Bug

SQLite developers need to push the patch

SQLite has pushed out an update to fix a local tempfile bug, to address concerns that the bug could be exploitable beyond the merely local. The bug was found by KoreLogic and reported to the popular open source database project, before being published at Full Disclosure. The issue is that SQLite creates its tempfiles in a …
lychy 01 http://www.shutterstock.com/gallery-299362p1.html

400 million Foxit users need to catch up with patched-up reader

Makers of popular PDF reader Foxit have patched 12 dangerous vulnerabilities that could have resulted in remote code execution. Some 400 million users run the flagship reader billed as an alternative to Adobe Reader. Thedozen flaws are patched in Windows and Linux variants. Users would need to be conned into opening a …
Darren Pauli, 01 Jul 2016
Sun shines on the clouds. Photo by Shutterstock

Oracle: Cloud-first for 12.2 update – on-prem world will have to wait

Oracle is cranking up the pressure on customers to consume its wares as-a-service by initially distributing the updated 12.2 database on a cloud-only basis. Talk of the shift - that will prevent the company’s existing installed base of on-premise punters from accessing new multi tenancy functions - was first spotted across the …

Police ICT Company head: Eat your cloud, cops, it's good for you

A national strategy on using public cloud services is needed so British police forces can cope with the increasing weight of unstructured data storage, the head of the Police ICT Company has said. Martin Wyke, head of the body, outlined storage as a key challenge for police because of the explosion of unstructured data, through …
Kat Hall, 22 Jun 2016

Clouds rain revenue on Adobe's business

Adobe's reported continued growth in its cloud subscriptions, but not enough to satisfy investors. Its Q2 2016 revenue rose 20.4 per cent year-on-year to US$1.4 billion on the back of Creative Cloud subscriptions: the digital media business piled on 26 per cent year-on-year to hit $943 million, with Creative Cloud chipping in …
Face Aware Liquify detects faces in images and lets you modify expressions

Not smiling for the camera? Adobe's Creative Cloud suite can fix that

Adobe is updating its Creative Cloud suite to version 2015.5 and including a new Photoshop feature which modifies facial expressions after the event. Called Face Aware Liquify, the feature extends the existing shape-bending Liquify filter with face recognition and tools to tweak eyes, nose, mouth (including smile control), …
Tim Anderson, 21 Jun 2016
Bruce Campbell in Army of Darkness

Kill Flash now. Or patch these 36 vulnerabilities. Your choice

Adobe has released an update for Flash that addresses three dozen CVE-listed vulnerabilities. The update includes a fix for the CVE-2016-4171 remote code execution vulnerability that is right now being exploited in the wild to install malware on victims' computers. Adobe is recommending that users running Flash for Windows, …
Shaun Nichols, 16 Jun 2016
Enter your password by https://www.flickr.com/photos/49889874@N05/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

GitHub presses big red password reset button after third-party breach

GitHub has reset the passwords of users targeted in an attack this week that relied on using stolen credentials from a breach at a third party site. The software repository itself has not suffered a breach. Hackers behind the assault were trying to break into the accounts of users who had inadvisedly used the same login …
John Leyden, 16 Jun 2016
Man drinks Beer. Photo by shutterstock

Forget your stupid campus party. I'm going to Frankfurt to do some HPC

HPC Blog The world's attention will be focused on Frankfurt, Germany next week for the kick-off of the fifth annual ISC'16 Student Cluster Competition. Twelve teams of university undergraduates will travel from far and wide to prove their HPC and clustering prowess in a competition that will demand everything they have – and more. …

East Euro crims pwning 'high profile' victims with Flash zero day

An eastern European group has for more than three months been using an unpatched Flash zero day vulnerability to target 'high profile' victims, Kaspersky Labs researcher Costin Raiu says. The attacks are linked to a group dubbed ScarCruft which under the Operation Daybreak has used the vulnerability since March. A patch for …
Darren Pauli, 15 Jun 2016
Open barn door

It's [insert month] of 2016, and your Windows PC can still be owned by [insert document type]

Critical fixes for Office, Internet Explorer, and Windows DNS Server highlight this month's edition of Patch Update Tuesday. The Redmond Windows slinger has kicked out 16 bulletins this month, five rated as "critical" and the remaining 11 considered "important" risks. MS16-063 addresses 10 CVE-listed vulnerabilities in …
Shaun Nichols, 14 Jun 2016
Selection of Australian banknotes

Liberal MPs paid AU$2,500 a YEAR to donor for electoral software licences

Who pays AU$2,500 for an annual software license, for a handful of users? That question is on Vulture South's mind, with the Liberal Party under fire during the election for doing just that. The nearly-but-not-quite “scandal” (for example reported here at Fairfax) centres around Liberal Party members paying what seems to be a …

Post-Safe Harbor: Adobe fined for shipping personal info to the US 'without any legal basis'

A German regulator has fined three companies for failing to change the way they share people's personal information following the invalidation of the Safe Harbor agreement last year. The Hamburg Data Commissioner fined Adobe €8,000 ($9,084), Pepsi subsidiary Punica €9,000 ($10,220) and Unilever €11,000 ($12,491) because they …
Kieren McCarthy, 07 Jun 2016
Remote control

TeamViewer denies hack after PCs hijacked, PayPal accounts drained

Updated TeamViewer users say their computers were hijacked and bank accounts emptied all while the software company's systems mysteriously fell offline. TeamViewer denies it has been hacked. In the past 24 hours, we've seen a spike in complaints from people who say their PCs, Macs and servers were taken over via the widely used remote …
Shaun Nichols, 01 Jun 2016
Image composite: Microsoft and StudioLondon http://www.shutterstock.com/gallery-893620p1.html

Microsoft warns of worm ransomware, finds fix in Windows 10 upgrade

Microsoft is warning of a wormable ransomware that infects removable drives on versions of its operating system below Windows 10. The ZCrypt scumware is distributed through old but effective methods of phishing emails, Word document macros, and fake Adobe Flash installers. It drops a warning notice in a HTML file informing …
Darren Pauli, 01 Jun 2016
Image by gyn9037 http://www.shutterstock.com/gallery-691846p1.html

You've patched that Flash hole, but have the users? Phone's ringing. It's for you

Security researchers are warning of a new wave of malvertising that harnesses the latest Flash exploit. The attack features tainted ads from websites including dailymotion.com, vodlocker.com, answers.com and legacy.com. Fraudulent advertisers are posing as legitimate retail or legal businesses in order distribute "conditional …
John Leyden, 25 May 2016
Laptop user, photo via Shutterstock

Tech support locker scam poses as failed Microsoft Update

Cybercrooks have put together a new scam that falls halfway between ransomware and old school browser lockup ruses. The new class of “tech support lockers” rely on tricking users into installing either a fake PC optimiser or bogus Adobe Flash update. Once loaded the malware mimicks ransomware and locks users out of their …
John Leyden, 20 May 2016

Adobe launches Spark: Amateur graphical fun!

Adobe has launched Spark in a hope that its graphics software can be tooled for the mobile age. Launched as part of the backup-gobbling service Creative Cloud, Spark is intended to embiggen the San Jose-based business's animation suite, although it's still only available on iOS. It rebrands some of the company's apps from …
the new HTML 5 vSphere client

VMware flushes Windows vSphere client and Adobe Flash

vAdmins will soon have just one graphical option with which to operate vCenter, after VMware decided to can its Windows client and replace it and other current tools with a single HTML 5 client. VMware's blog announcing the move points out that it's already adopted HTML 5 for several other products, but has held back on …
Simon Sharwood, 19 May 2016
Arcady http://www.shutterstock.com/gallery-450076p1.html

Flash zero day phished phoolish Microsoft Office users

FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week. The flaw (CVE-2916-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild. Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the …
Darren Pauli, 16 May 2016
virus_1_648

Kill Flash now? Chrome may be about to do just that

Google's Chrome web browser could be disabling all Flash content by default before the year's out. El Reg has learned that developers with the Chromium Project are working on a new feature known as 'HTML5 by Default'. The move could help to keep users safe by locking off a favorite target for web-based malware exploits. As …
Shaun Nichols, 13 May 2016
Arcady http://www.shutterstock.com/gallery-450076p1.html

Google crushes five bad bugs with patch run and $20k in bounties

Google has slung patches at vulnerabilities in its Chrome browser for Windows, Mac, and Linux. The patches repair five known security holes found and reported by external researchers. Google paid US$20,337 (£17,875, A$27,789) in bug bounties to researchers who reported the bugs. Software quality assurance engineer Krishna …
Darren Pauli, 13 May 2016

Adobe...sigh...issues critical patch...sigh...for Flash Player zero day

Adobe has pushed out a patch for 25 vulnerabilities in Flash Player, including one that is already being targeted in the wild. The latest fix for the internet's screen door includes a remedy for CVE-2016-4117, the remote code execution flaw that is already being exploited by criminals serving up malware-laden advertisements. …
Shaun Nichols, 12 May 2016

Criminals exploit zero day Flash vulnerability

Adobe will this week patch a critical vulnerability in Flash Player that is being actively exploited in the wild. Not information is available on the exploit (CVE-2016-4117) ahead of the patch that is set for release from tomorrow. "A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier …
Darren Pauli, 12 May 2016
band_aid_648

IE and Graphics head Microsoft's Patch Tuesday critical list

There's 15 flaw fixes covering 36 vulnerabilities in this month's patch bundle from Microsoft. Microsoft's browsers need a lot of work – Internet Explorer gets five fixes and the new Edge code has four. Both applications' patches have been named as critical by Redmond. There's also a five-fix bundle for Microsoft's graphics …
Iain Thomson, 10 May 2016
Image by Danomyte http://www.shutterstock.com/gallery-256714p1.html

Six-year-old patched Stuxnet hole still the web's biggest killer

The six-year-old vulnerability first burnt by Stuxnet remains the internet's chief pwning vector and is a key instrument of the world's worst exploit kit known as Angler. The vulnerability is a hole in Windows Shell that is both long since patched and well publicised as part of its discovery in the US' Stuxnet worm, the killer …
Darren Pauli, 09 May 2016
Phrack zine logo

Crack'n'hack stack Phrack's back, Jack!

More than four years since its previous issue, iconic hacker zine Phrack has published a new issue. Phrack issue number 69 contains articles from researchers Aaron Portnoy and Alisa Esage, as well as articles on OS X rootkits and exploiting Ruby on Rails. Other topics include the history of hacker groups, Adobe Flash Player …
Shaun Nichols, 06 May 2016

'I thought my daughter clicked on ransomware – it was the damn Windows 10 installer'

At the end of April, Microsoft's Windows 10 nagware interrupted a live TV weather broadcast to urge meteorologist Metinka Slater to upgrade her computer. A week later, while playing Counter Strike: Global Offensive to 130,000 spectators on Twitch.tv, Erik Flom was blasted out of his match by the Windows 10 installer. This was …
Chris Williams, 06 May 2016
Piranha fish pattern illustration

Adobe Reader update

Adobe is preparing a patch for Acrobat and Reader. The cross-platform update - applicable to both Windows and Macs - earns a security rating of less than critical (priority 2 in Adobe’s lexicon). Updated software is due to land on Tuesday (10 May). ® Piranha fish pattern illustration
John Leyden, 05 May 2016
Cat from Cisco TV ad

Cisco: Whoops, hackers can commandeer your TelePresence boxes with a devilish HTTP poke

Cisco has released three security patches to address flaws in its TelePresence, FirePower and Adaptive Security Appliance lines. The May bundle includes one patch classified by Cisco as "critical" and two more labeled "high" risks. In total, the updates remedy three CVE-listed security vulnerabilities: For TelePresence …
Shaun Nichols, 04 May 2016

US telly stations fling malware-tipped web ads at unsuspecting surfers

A rogue advertiser abused the Taggify self-serve ad platform to inject malware-installing code into browsers visiting the websites of two US TV stations. It was a textbook malvertising attack: to infect victims' PCs, the dodgy ads used the Angler Exploit Kit, which is a grab bag of code that exploits weaknesses in Adobe Flash …
John Leyden, 04 May 2016
Type arms of an old typewriter

Mega mail breach fears

Webmail passwords of millions of users are allegedly for sale. Hundreds of millions of usernames and passwords - purportedly for Mail.ru, GMail, Yahoo Mail and Microsoft email accounts - are on sale through Russian cybercrime bazaars, according to security expert Alex Holden. Most of the stolen data refers to mail.ru accounts …
John Leyden, 04 May 2016

Adobe gobbles LiveFyre

Adobe says it has agreed to acquire comments widget-builder LiveFyre. Terms of the deal were not disclosed. Adobe says that it will be bundling the LiveFyre tools into its Marketing Cloud package as a way for businesses and publishers to manage and share user comments across multiple sites. The deal is expected to close "in …
Shaun Nichols, 03 May 2016

Legal fight against USA Today's news app info-flogging OK'd by court

A US judicial panel has greenlighted a lawsuit over the way mobile apps handle people's private information. The US First Circuit Court of Appeals overturned an earlier ruling throwing out a lawsuit filed by Alexander Yershov against newspaper publisher Gannett alleging misuse of personally identifiable information. In doing …
Shaun Nichols, 02 May 2016
HBO: Game of Thrones

Game of P0wns: Malvertising menace strikes Pirate Bay season six downloads

Scores of Game of Thrones pirates may have had computers encrypted by ransomware after malvertisers served the dangerous malware through the Pirate Bay during the mega-series' season six première last weekend. MalwareBytes researcher Jerome Segura says the hard-working Magnitude exploit kit authors were able to target pirates …
Darren Pauli, 27 Apr 2016

Adobe scrambles to untangle itself from QuickTime after Apple throws it over a cliff

Apple has finally informed its customers that it is no longer supporting QuickTime for Windows. Adobe, whose code is intertwined with QuickTime, is having to do a rapid reworking of its software to avoid putting users at risk. Last week, Trend Micro went public with the news that Apple had dumped support QuickTime for Windows …
Iain Thomson, 22 Apr 2016

Emergency Adobe patch

Adobe has shipped an out-of-band patch for its AppMeasurement tool. The patch for Analytics AppMeasurement for Flash library, CVE-2016-1036, covers version 4 of the code and earlier builds and is rated "Important" by Adobe. It can be exploited by DOM-based cross-site scripting attacks when debugTracking is enabled. The firm …
Iain Thomson, 21 Apr 2016

Magnitude malvertisers spew 400 attacks from abused Scot ad firm

Malwarebytes researcher Jerome Segura says more than 400 malicious advertisements have been shipped through ad network AdsTerra in two weeks. The advertisements are slinging the hugely successful Magnitude exploit kit which has been the most impactful and prolific of exploit kits used in recent malvertising campaigns. Emails …
Darren Pauli, 21 Apr 2016
Flash Gordon

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash. All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to a new study [PDF] from NTT Group. In 2013, by contrast, the top 10 vulnerabilities …
John Leyden, 19 Apr 2016