Yet another flash vulnerability has been found – Affects all versions.

Adobe has released a statement shortly after its monthly security update that it has found a new vulnerability that affects all previous versions of flash player.

Adobe issued an out of cycle security update to spear head the issue and get the vulnerability taken care of as quickly as possible. The original vulnerability was found by researchers at Trend Micro.

If you don’t update or keep your flash up to date your system can easily be compromised via a hijack website.

We strongly recommended everyone update their flash as soon as possible to help prevent the possibility of getting a virus or having your system compromised.

Trend Micro reports that this particular vulnerability is already being used in phishing attacks by a group called “Pawn Storm” on several targeted governments.

In the wake of these new vulnerabilities it begs to answer the age long question on exactly how secure flash really is. It seems like every couple of months a new vulnerability is found.

Adobe has their work cut out for them if they want to double down and actually make their plugin secure.

Source: CNET Security

New Security Flaw In Most Versions Of Windows

A new security in flaw in almost all versions of windows operating systems allows attackers to gain “complete control” of your computer.

The flaw affects all versions of Windows Vista, Windows 7, Windows 8 and 8.1 as well as Windows RT. This means that two out of every three computers running windows around the world are vulnerable. Microsoft suggests that everyone update their systems as soon as possible if you haven’t already got the update from this last Monday. In most situations Microsoft releases their patches or updates on Tuesdays, thus the term “Patch Tuesday” but this was top priority for the software developer so they issued an emergency update on Monday.

Microsoft says an attack could take place simply by visiting a web page or opening a document. This is because the vulnerability affected OpenType which is a widely used format for fonts.

This just goes to show how important updates are. You should always keep your system up to date and stay away from unknown or untrusted websites as much as possible.

Microsoft has credited the security company FireEye’s Genwei Jiang and Mateusz Jurczyk, part of Google’s Project Zero as the one’s who found the flaw and reported it.

Source: CNET Security
More info and complete list of affected operating systems can be found here.

2014 was a record year for malware according to Panda Security

As we progress into the beginning of a new year we often reflect back on the previous years mishaps, achievements and forgotten new years resolutions. But what about MALWARE?

That’s just what Panda Security has done in it’s year end annual report and the results are chilling to say the least.

Panda reports that it’s malware detection rates have doubled in comparison to it’s 2013 statistics, making 2014 the worst year for malware infections ever.

In 2014 the malware creation broke new levels, with 200,000 new samples being spotted every single day. – Panda Security Annual Report 2014

In it’s annual report panda went on to say that they detected 200,000 new samples every day as well as over 75 million new malware strains in 2014 alone.  Even though the year was filled with reports of large companies becoming victim to more and more cyber attacks, other threats have taken the spotlight in what is being considered the worst year ever for computer security. Just as an example malware like Cryptolocker which encrypts users documents and pictures and holds them for ransom, making the infected pay to get a decrypter so they can get their files back. You can read the full annual report by panda here.

The total number of malware samples in our collection is 220 million, which means that 34 percent of all malware ever created was coded in 2014. – Panda Security Annual Report 2014

As malware hits new levels we as security professionals and even baisc computer users must adapt and do the same. Which is why it’s always best to ensure you’re running up-to-date software on your computers(adobe flash, internet explorer, java, etc) and have updated and are running great antivirus software(We would recommend  you install Avast! Free Anti-Virus 2015 due to its nifty software updater feature). It is also important that you keep your operating system up-to-data via it’s updater feature to avoid potential security loop holes or exploits.