Welcome, Guest |
You have to register before you can post on our site.
|
|
|
Welcome Guest!
|
Welcome to the Promo2day Community, where we feature software giveaways, computer discussion, along with a fun, safe atmosphere! If your reading this it means you are not yet registered.
You will need to Register before you can make posts, chat or enter the forum giveaways.
Be sure to also visit the Help/FAQ page.
|
Get Free Software and Big Discount from Joyoshare 2018 Thanksgiving Offer |
Posted by: Wlee2060 - 11-22-2018 , 12:53 PM - Forum: Hot Deals & Discounts
- No Replies
|
|
Hi,
Joyoshare, a professional multimedia software provider, now offers a big sale at its 2018 Thanksgiving & Black Friday promotion. You can get a free giveway of its new product Joyoshare LivePhoto Converter and up to 70% off discount on its other featured software like iPhone Data Recovery, Media Cutter, Screen Recorder, Video Converter, and so on.
For more info, please visit its promo page here: https://www.joyoshare.com/special/2018-t...ing-sales/
Regards,
William
|
|
|
America's Northernmost Town Descends into 65 Days of Darkness After Sunday's Sunset |
Posted by: tarekma7 - 11-22-2018 , 12:39 PM - Forum: Off Topic Chat
- No Replies
|
|
Quote:Residents of America's northernmost town, Utqiaġvik, Alaska – formerly known as Barrow – will watch the sun dip below the horizon for the final time in 2018 Sunday afternoon, marking the beginning of "polar night," 65 consecutive days of near-darkness in this city north of the Arctic Circle.
Sunday's sunrise will occur at 12:40 p.m. AKST, with sunset happening just over an hour later at 1:44 p.m. AKST. The sun won't make an appearance again until the next sunrise Jan. 23 at 1:04 p.m. AKST. Alaska Standard Time is four hours behind Eastern Standard Time.
SOURCE
|
|
|
How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities |
Posted by: tarekma7 - 11-22-2018 , 12:19 PM - Forum: Security News
- No Replies
|
|
Quote:When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than their company.
In a blog post by Dropbox, they explain how they routinely perform attack simulations to test the effectiveness of their security systems and policies. In a recent test, Dropbox's goal was to test how well their systems could detect and track a successful breach.
"We’ve invested a lot in our hardening, detection, alerting, and response capabilities at Dropbox," stated Chris Evans, Head of Security, in a blog post. "Even if an attacker breaks in and accesses various systems in our environments without triggering an alarm, we have extensive instrumentation to trace activity post-exploitation. So how do we know we’re doing a good job? That’s the kind of testing we were going for with our most recent attack simulation. Our testing goals included measuring the steady-state of our detection and alerting program, as well as measuring our team’s response when a breach has been identified. Identifying new ways to break into Dropbox was in scope for this engagement, but even if none were found, we were going to simulate the effects of a breach by just planting malware ourselves (discretely, of course, so as not to tip off the detection and response team)."
What they did not expect, though, was for their external security partner Syndis to discover multiple zero-day vulnerabilities in Apple software. When these vulnerabilities were chained together, they could allow commands to be remotely executed on a vulnerable macOS computer simply by visiting a malicious web site.
These vulnerabilities were disclosed to Apple by Syndis and Dropbox on February 19th and fixed within a month with the release of their March 29th, 2018 security updates.
READ THE FULL ARTICLE HERE
|
|
|
Adobe Flash Player Update Released for Remote Code Execution Vulnerability |
Posted by: tarekma7 - 11-22-2018 , 12:11 PM - Forum: Security News
- No Replies
|
|
Quote:Adobe released a security update yesterday that resolves a critical vulnerability in Flash Player that could allow malicious sites to execute code on your computer.
According to the Adobe APSB18-44 bulletin, this vulnerability has a CVE ID of CVE-2018-15981 and is a Type Confusion vulnerability that could allow remote code execution. This means that an attacker can create a malicious SWF file, host it on a web site, and exploit vulnerable visitors when they browse the site. This would then allow them to execute any command on the computer such as downloading and installing malware.
A security update for Adobe Flash Player was already released this month on November 13th along with updates for other products. The reason Adobe has released another update is because the technical information regarding this vulnerability has already been posted online and could be used by attackers to create a working exploit.
It seems that on the same day that the November 13th Flash Player update was released, a blog post was published that provided a detailed overview of a type confusion vulnerability in Flash Player.
TLDR; There’s a bug in Adobe Flash," stated the blog post. "The interpreter code of the Action Script Virtual Machine (AVM) does not reset a with-scope pointer when an exception is caught, leading later to a type confusion bug, and eventually to a remote code execution."
According to Eduard Kovacs of Security Week, this blog belongs to an Israel-based researcher name Gil Dabah. It is not known why the vulnerability was disclosed publicly.
Ultimate, if for you are still using Flash for some reason, you need to update immediately in order to protect yourself while browsing the web. To resolve this vulnerability, users can upgrade to Adobe Flash Player 31.0.0.153.
SOURCE
|
|
|
|