Cyber Security

A serious attack involving a widely used Web communication format is exposing millions of end users’ authentication credentials on sites including eBay, Tumblr, and Instagram, a well-respected security researcher said Tuesday. The exploit—which stems from the ease of embedding malicious commands into Adobe Flash files before they’re executed—has been largely mitigated by a Flash security update Adobe released Tuesday morning to coincide with a technical analysis of the threat, including proof-of-concept exploit code. It will take days or weeks for a meaningful percentage of end users to install the fix, so the researcher who wrote the advisory is warning engineers at large websites to make server-side changes that will minimize the damage attackers can inflict on visitors.

Read the full story at Ars Technica.

Top Stories

Share this post

Like it? Tweet it.

"A Serious New Internet Threat is Attacking Instagram, eBay and More" by @ShellyPalmer