About the security content of Studio Display Firmware Update 16.4

About the security content of Studio Display Firmware Update 16.4 This document describes the security content of Studio Display Firmware Update 16.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has...

Details of an NSA Hacking Operation

Pangu Lab in China just published a report of a hacking operation by the Equation Group aka the NSA. It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers aka some Russian group. …the scope of victims exceeded 287 targets in 45 countries,...

Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool

Researchers from China's Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat APT with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency NSA. Dubbed "Bvp47" owing to numerous...

Internet Bug Bounty: Adobe Flash Player ShimAdPolicySelector(adPolicySelectorType=0) class Memory Corruption

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimAdPolicySelector.selectAdBreaksToPlay. ------------------------------------------------------------------ II. Description Normally, selectAdBreaksToPlay should validate...

Internet Bug Bounty: Adobe Flash Player TimedEvent.parent Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of uninitialize memory of TimedEvent.parent. ------------------------------------------------------------------ II. Description Normally, TimedEvent class should initialize the memory of its parent...

Internet Bug Bounty: Adobe Flash Player ShimContentResolver(resolverType=1) class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimContentResolver.resolve. ------------------------------------------------------------------ II. Description Normally, resolve should validate its parameter with...

Internet Bug Bounty: Adobe Flash Player ShimOpportunityGenerator class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimOpportunityGenerator.configure. ------------------------------------------------------------------ II. Description Normally, configure should validates its parameter an...

Internet Bug Bounty: Adobe Flash Player ShimContentFactory.retrieveResolvers Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimContentFactory.retrieveResolvers. ------------------------------------------------------------------ II. Description Normally, retrieveResolvers should validates its...

Internet Bug Bounty: Adobe Flash Player ShimContentFactory class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimContentFactory.retrieveOpportunityGenerators. ------------------------------------------------------------------ II. Description Normally, retrieveOpportunityGenerators...

Internet Bug Bounty: Adobe Flash Player OpportunityGenerator class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of OpportunityGenerator.update. ------------------------------------------------------------------ II. Description Adobe Flash is a multimedia and software platform used for...