On Wednesday at the Mobile Pwn2Own hacking contest taking place at the PacSec Applied Security Conference in Tokyo, security researchers demonstrated two iPhone exploits that leverage Apple’s Safari mobile web browser.
At Mobile Pwn2Own, team MBSD, of Japanese firm Mitsui Bussan Secure Directions, Inc., earned $40,000 for their exploit efforts which enabled them to successfully compromise the Samsung device running Google’s Android.
One of the biggest inhibitors to securing an organization’s most critical information is treating all data as if it had the same value. While it would be nice to be able to secure every bit of data or information on your network, that is a nearly impossible task.
Currently, exploit kits are mostly targeting Java related vulnerabilities. In this article we will dive into the history of exploit kits and their exploitation of other products, in order to find out what should a vendor do to better protect its customers.
In this podcast, Adobe Chief Security Officer Brad Arkin discusses the task of security the company's assets, the importance of putting roadblocks in front of attackers, the issue of "hacking back" and active defense and his own thinking around vendor bug bounty programs.