Date Author Title

ADOBE CLIENT ATTACK TV DIGITAL CONTENT

2009-04-20Jason LamDigital Content on TV

ADOBE

2021-12-28/a>Russ McReeLotL Classifier tests for shells, exfil, and miners
2018-11-21/a>Johannes UllrichCritical Vulnerability in Flash Player
2016-10-26/a>Johannes UllrichCritical Flash Player Update APSB16-36
2016-09-13/a>Rob VandenBrinkApple iOS 10 and 10.0.1 Released
2016-06-17/a>Johannes UllrichCritical Adobe Flash Update. Patch Now
2016-05-12/a>Xavier MertensAdobe Released Updates to Fix Critical Vulnerability
2016-03-08/a>Rick WannerCritical Adobe Updates - March 2016
2016-02-09/a>Johannes UllrichAdobe Patch Tuesday - February 2016
2015-12-28/a>Rick WannerAdobe Flash and Adobe AIR Updates - https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
2015-10-16/a>Alex StanfordAdobe Flash Update
2015-10-13/a>Alex StanfordAdobe Updates Acrobat and Adobe Reader
2015-10-09/a>Guy BruneauAdobe Acrobat and Reader Pre-Announcement
2015-09-19/a>Didier StevensDon't launch that file Adobe Reader!
2015-07-27/a>Daniel WesemannAngler's best friends
2015-07-14/a>Johannes UllrichAdobe Updates Flash Player, Shockwave and PDF Reader
2015-07-12/a>Rick WannerAnother Adobe Flash Zero Day http://www.kb.cert.org/vuls/id/338736
2015-06-23/a>Kevin ShorttAdobe Flash Player Update - https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
2015-02-05/a>Johannes UllrichAdobe Flash Player Update Released, Fixing CVE 2015-0313
2015-02-02/a>Stephen HallNew Adobe Flash Vulnerability - CVE-2015-0313
2015-01-26/a>Russ McReeAdobe updates Security Advisory for Adobe Flash Player, Infocon returns to green
2015-01-23/a>Adrien de BeaupreInfocon change to yellow for Adobe Flash issues
2014-11-11/a>Johannes UllrichAdobe Flash Update
2014-10-14/a>Johannes UllrichAdobe October 2014 Bulletins for Flash Player and Coldfusion
2014-08-12/a>Adrien de BeaupreAdobe updates for 2014/08
2014-04-28/a>Russ McReeAdobe Security Bulletin: Security updates available for Adobe Flash Player http://adobe.ly/QVjO72
2014-04-08/a>Rick WannerSecurity Updates available for Adobe Flash Player - http://helpx.adobe.com/security/products/flash-player/apsb14-09.html
2014-03-13/a>Daniel WesemannAdobe Shockwave Player critical update: http://helpx.adobe.com/security/products/shockwave/apsb14-10.html
2014-03-11/a>Johannes UllrichAdobe Updates: Flash Player
2014-02-20/a>Stephen HallAbobe out of band patch announcement (APSB14-07)
2014-02-11/a>Johannes UllrichAdobe February 2014 Patch Tuesday
2014-02-04/a>Johannes UllrichAdobe Flash Player Emergency Patch
2014-01-14/a>Johannes UllrichAdobe Patch Tuesday January 2014
2013-12-21/a>Daniel WesemannAdobe phishing underway
2013-12-10/a>Rob VandenBrinkAdobe Updates today as well.
2013-11-22/a>Rick WannerTales of Password Reuse
2013-10-09/a>Johannes UllrichOther Patch Tuesday Updates (Adobe, Apple)
2013-10-05/a>Richard PorterAdobe Breach Notification, Notifications?
2013-10-04/a>Johannes UllrichThe Adobe Breach FAQ
2013-10-03/a>Johannes UllrichOctober Patch Tuesday Preview (CVE-2013-3893 patch coming!)
2013-09-10/a>Swa FrantzenAdobe September 2013 Black Tuesday Overview
2013-07-09/a>Swa FrantzenAdobe July 2013 Black Tuesday Overview
2013-06-11/a>Swa FrantzenAdobe June 2013 Black Tuesday Overview
2013-05-14/a>Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-10/a>Johannes UllrichMicrosoft and Adobe Patch Tuesday Pre-Release
2013-05-09/a>John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-05-08/a>Johannes Ullrich"De Flashing" the ISC Web Site and Flash XSS issues
2013-04-09/a>Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-03-12/a>Swa FrantzenAdobe March 2013 Black Tueday
2013-02-27/a>Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-20/a>Johannes UllrichUpdate Palooza
2013-02-17/a>Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13/a>Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-02-07/a>John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-09/a>Rob VandenBrinkSecurity Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html
2013-01-08/a>Richard PorterAdobe Security Bulletins http://blogs.adobe.com/psirt/2013/01/adobe-security-bulletins-posted-4.html
2013-01-04/a>Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-11-08/a>Daniel WesemannAdobe Patches
2012-10-09/a>Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-08-21/a>Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-14/a>Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-06-12/a>Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-05-25/a>Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-05-12/a>Tony CarothersAdobe Update to Vulnerabilities
2012-05-04/a>Guy BruneauAdobe Security Flash Update
2012-04-10/a>Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06/a>Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-03-28/a>Kevin ShorttAdobe Flash Player APSB12-07 - 28 March 2012
2012-03-05/a>Johannes UllrichAdobe Flash Player Security Update
2012-02-16/a>Johannes UllrichAdobe Flash Player Update
2012-02-14/a>Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-01-10/a>Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2011-12-13/a>Johannes UllrichDecember 2011 Adobe Black Tuesday
2011-12-08/a>Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-07/a>Lenny ZeltserAdobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
2011-11-11/a>Rick WannerAdobe Air updated to 3.1.0.4880
2011-11-08/a>Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-10-05/a>Johannes UllrichAdobe SSL Certificate Problem (fixed)
2011-10-01/a>Mark HofmanAdobe Photoshop for Windows Vulnerability (CVE-2011-2443)
2011-09-21/a>Swa FrantzenEmergency patch expected for Flash Player
2011-09-21/a>Guy BruneauAdobe Release Flash Player 10.3.183.10 available at http://get.adobe.com/flashplayer/
2011-09-09/a>Guy BruneauAdobe plan to release critical security updates next Tuesday for Acrobat and Reader http://www.adobe.com/support/security/bulletins/apsb11-24.html
2011-09-09/a>Guy BruneauAdobe Publish its List of Trusted Root Certificate - http://www.adobe.com/security/approved-trust-list.html
2011-08-26/a>Daniel WesemannAdobe Flash stability update to 10.3.183.7. See http://forums.adobe.com/message/3883150
2011-08-09/a>Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-06-30/a>Guy BruneauAdobe Release Flash Player 10.3.181.34 available at http://get.adobe.com/flashplayer/
2011-06-14/a>Swa FrantzenAdobe releases patches
2011-06-06/a>Johannes UllrichAdobe releases Flash Player patch on a Sunday to combat latest 0day http://www.adobe.com/support/security/bulletins/apsb11-13.html
2011-05-12/a>Chris MohanSecurity updates available for Flash Player, RoboHelp, Audition, and Flash Media Server
2011-04-21/a>Guy BruneauAdobe Reader and Acrobat Security Updates
2011-04-14/a>Johannes UllrichUpdate to Adobe Flash 0-day: Patch will be out soon
2011-04-11/a>Johannes UllrichYet another Adobe Flash/Reader/Acrobat 0 day
2011-03-22/a>Kevin ShorttAdobe Reader/Acrobat Security Update - http://www.adobe.com/support/security/bulletins/apsb11-06.html
2011-03-14/a>Bojan ZdrnjaAdobe Flash 0-day being used in targeted attacks
2011-03-02/a>Chris MohanUpdates: Firefox 3.6.14/3.5.17, Thunderbird 3.1.8, Adobe Flash v10.2.152.32 & WireShark 1.4.4
2011-02-09/a>Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-01-06/a>Johannes UllrichFlash Local-with-filesystem Sandbox Bypass
2010-11-22/a>Lenny ZeltserAdobe Acrobat Spam Going Strong - More to Come?
2010-11-19/a>Jason LamAdobe Reader X - Sandbox
2010-11-04/a>Johannes UllrichToday's Adobe Patches and Vulnerablities
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-06/a>Robert DanfordAdobe updates: http://www.adobe.com/support/security/bulletins/apsb10-21.html
2010-09-14/a>Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-13/a>Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-25/a>Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-08-19/a>Rob VandenBrinkDon points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-18/a>Guy BruneauAdobe out-of-cycle Updates
2010-08-10/a>Jason LamAdobe critical security updates
2010-08-05/a>Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-21/a>Adrien de BeaupreAdobe Reader Protected Mode
2010-06-29/a>donald smithAdobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297
2010-06-16/a>Kevin ShorttAdobe Flash Player 10.1 - Security Update Available
2010-06-09/a>Deborah HaleAdobe POC in the Wild
2010-06-09/a>Deborah HaleBest Practice to Prevent PDF Attacks
2010-06-05/a>Guy BruneauSecurity Advisory for Flash Player, Adobe Reader and Acrobat
2010-05-12/a>Rob VandenBrinkAdobe Shockwave Update
2010-04-13/a>Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-04-09/a>Mark HofmanAdobe launch issue response/work around.
2010-03-31/a>Johannes UllrichPDF Arbitrary Code Execution - vulnerable by design.
2010-02-16/a>Robert DanfordAdobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-12/a>G. N. WhiteAdobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 released to correct vulnerability CVE-2010-0186 Details: http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-02/a>Guy BruneauAdobe ColdFusion Information Disclosure
2010-01-21/a>Chris CarboniSecurity Update Available for Shockwave Player
2010-01-14/a>Bojan ZdrnjaPDF Babushka
2010-01-12/a>Johannes UllrichMicrosoft Advices XP Users to Uninstall Flash Player 6
2010-01-12/a>Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07/a>Daniel WesemannStatic analysis of malicious PDFs
2010-01-07/a>Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2009-12-15/a>Johannes UllrichAdobe 0-day in the wild - again
2009-12-09/a>Swa FrantzenAdobe flash player and air patched
2009-12-03/a>Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-03/a>Bojan ZdrnjaAdobe released Shockwave Player 11.5.2.602 which fixes several critical security vulnerabilities
2009-10-13/a>Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-10-08/a>Johannes UllrichNew Adobe Vulnerability Exploited in Targeted Attacks
2009-08-18/a>Deborah HaleSecurity Bulletin for ColdFusion and JRun
2009-07-31/a>Deborah HaleAdobe Patch is out
2009-07-22/a>Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-06-24/a>Kyle HaugsnessAdobe Shockwave Player Update
2009-06-09/a>Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-24/a>Raul SilesAnalyzing malicious PDF documents
2009-05-22/a>Mark HofmanPatching and Adobe
2009-05-12/a>Swa FrantzenAdobe Acrobat (reader) patches released
2009-05-01/a>Adrien de BeaupreAdobe Flash Media Server privilege escalation security bulletin
2009-04-29/a>Jason LamTwo Adobe 0-day vulnerabilities
2009-04-20/a>Jason LamDigital Content on TV
2009-03-18/a>Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10/a>Swa FrantzenAdobe Acrobat 9.1 released
2009-02-25/a>Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25/a>Andre LudwigAdobe flash player patch
2009-02-25/a>Andre LudwigPreview/Iphone/Linux pdf issues
2008-12-05/a>Daniel WesemannBeen updatin' your Flash player lately?
2008-11-17/a>Jim ClausingCritical update to Adobe AIR
2008-11-11/a>Swa FrantzenAcrobat continued activity in the wild
2008-11-06/a>Joel EslerMore Adobe Updates
2008-10-15/a>Mari NicholsAdobe Flash 10 Released
2008-07-17/a>Mari NicholsAdobe Reader 9 Released
2008-07-11/a>Raul SilesHow to Determine if Adobe Acrobat or Reader 8.1.2 Security Update 1 is Installed?
2008-05-27/a>Adrien de BeaupreAdobe flash player vuln
2008-05-12/a>Scott FendleyAdobe Releases Security Updates
2008-04-09/a>Raul SilesCritical vulnerabilities in Adobe Flash Player
2008-03-20/a>Joel EslerPotential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?
2008-03-12/a>Joel EslerAdobe security updates
2006-11-29/a>Toby KohlenbergNew Adobe vulnerability
2006-11-14/a>Jim ClausingMS06-069: Adobe Flash Player
2006-11-14/a>Swa FrantzenAdobe Flash update available
2006-09-12/a>Swa FrantzenAdobe Flash player upgrade time

CLIENT

2022-05-23/a>Johannes UllrichAttacker Scanning for jQuery-File-Upload
2022-02-14/a>Johannes UllrichReminder: Decoding TLS Client Hellos to non TLS servers
2021-10-18/a>Xavier MertensMalicious PowerShell Using Client Certificate Authentication
2014-04-11/a>Rob VandenBrinkThe Other Side of Heartbleed - Client Vulnerabilities
2010-01-24/a>Pedro BuenoOutdated client applications
2009-04-20/a>Jason LamDigital Content on TV

ATTACK

2024-01-08/a>Jesse La GrewWhat is that User Agent?
2022-08-10/a>Johannes UllrichAnd Here They Come Again: DNS Reflection Attacks
2022-03-26/a>Guy BruneauIs buying Cyber Insurance a Must Now?
2022-02-03/a>Johannes UllrichKeeping Track of Your Attack Surface for Cheap
2021-02-01/a>Rob VandenBrinkTaking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers
2019-08-25/a>Guy BruneauAre there any Advantages of Buying Cyber Security Insurance?
2019-07-20/a>Guy BruneauRe-evaluating Network Security - It is Increasingly More Complex
2017-09-06/a>Adrien de BeaupreModern Web Application Penetration Testing , Hash Length Extension Attacks
2016-11-02/a>Rob VandenBrinkWhat Does a Pentest Look Like?
2016-06-03/a>Tom ListonMySQL is YourSQL
2015-03-18/a>Daniel WesemannPass the hash!
2015-02-19/a>Daniel WesemannDNS-based DDoS
2014-02-26/a>Russ McReeOngoing NTP Amplification Attacks
2014-02-17/a>Chris MohanNTP reflection attacks continue
2013-12-02/a>Richard PorterReports of higher than normal SSH Attacks
2013-08-19/a>Guy Bruneau Business Risks and Cyber Attacks
2013-07-27/a>Scott FendleyDefending Against Web Server Denial of Service Attacks
2013-07-13/a>Lenny ZeltserDecoy Personas for Safeguarding Online Identity Using Deception
2012-10-05/a>Richard PorterReports of a Distributed Injection Scan
2011-12-28/a>Daniel WesemannHash collisions vulnerability in web servers
2011-12-01/a>Mark HofmanSQL Injection Attack happening ATM
2011-09-28/a>Richard PorterAll Along the ARP Tower!
2011-01-23/a>Richard PorterCrime is still Crime!
2010-12-23/a>Mark HofmanWhite house greeting cards
2010-08-16/a>Raul SilesDDOS: State of the Art
2010-08-15/a>Manuel Humberto Santander PelaezObfuscated SQL Injection attacks
2010-08-13/a>Tom ListonThe Strange Case of Doctor Jekyll and Mr. ED
2010-03-15/a>Adrien de BeaupreSpamassassin Milter Plugin Remote Root Attack
2010-01-29/a>Johannes UllrichAnalyzing isc.sans.org weblogs, part 2, RFI attacks
2009-11-11/a>Rob VandenBrinkLayer 2 Network Protections against Man in the Middle Attacks
2009-08-28/a>Adrien de BeaupreWPA with TKIP done
2009-06-04/a>Raul SilesTargeted e-mail attacks asking to verify wire transfer details
2009-04-20/a>Jason LamDigital Content on TV
2009-04-02/a>Bojan ZdrnjaJavaScript insertion and log deletion attack tools
2009-03-20/a>donald smithStealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit.
2009-02-25/a>Swa FrantzenTargeted link diversion attempts
2009-01-30/a>Mark HofmanRequest for info - Scan and webmail
2009-01-18/a>Maarten Van HorenbeeckTargeted social engineering
2008-12-03/a>Andre LudwigNew ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year?
2008-07-09/a>Johannes UllrichUnpatched Word Vulnerability
2008-05-26/a>Marcus SachsPredictable Response
2008-03-27/a>Maarten Van HorenbeeckGuarding the guardians: a story of PGP key ring theft

TV

2025-03-31/a>Johannes UllrichApple Patches Everything: March 31st 2025 Edition
2024-10-28/a>Johannes UllrichApple Updates Everything
2023-12-11/a>Johannes UllrichApple Patches Everything
2023-10-23/a>Johannes UllrichHow an AppleTV may take down your (#IPv6) network
2022-03-14/a>Johannes UllrichApple Updates Everything: MacOS 12.3, XCode 13.3, tvOS 15.4, watchOS 8.5, iPadOS 15.4 and more
2022-01-27/a>Johannes UllrichApple Patches Everything
2021-10-07/a>Johannes UllrichWho Is Hunting For Your IPTV Set-Top Box?
2018-01-23/a>Johannes UllrichApple Updates Everything, Again
2015-02-08/a>Rob VandenBrinkRaising the "Creep Factor" in License Agreements
2014-07-01/a>Johannes UllrichApple Releases Patches for All Products
2014-02-21/a>Jim ClausingApple updates iOS and Apple TV
2009-04-20/a>Jason LamDigital Content on TV

DIGITAL

2020-03-24/a>Russ McReeAnother Critical COVID-19 Shortage: Digital Security
2018-11-19/a>Xavier MertensThe Challenge of Managing Your Digital Library
2017-09-25/a>Renato MarinhoXPCTRA Malware Steals Banking and Digital Wallet User's Credentials
2010-11-17/a>Guy BruneauReference on Open Source Digital Forensics
2010-05-22/a>Rick WannerSANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2010-05-21/a>Rick Wanner2010 Digital Forensics and Incident Response Summit
2009-04-20/a>Jason LamDigital Content on TV

CONTENT

2009-04-20/a>Jason LamDigital Content on TV
2008-03-30/a>Mark HofmanMail Anyone?