New versions of mobile operating like Apple’s iOS and Google’s Android may be in the news of late, but for all the publicity both receive older Symbian operating systems still make up around half of all smartphones sold in 2009. Advanced Threat Researcher Paul Ferguson came across a new suspicious application running on the S60 platform: Calling itself ZvirOK , the application has one primary payload: to send a text message to the number 7250, with the text mumym xxx joker90

Read the original:
New Symbian Malware On The Scene

There’s going to be numerous updates published tomorrow by Microsoft .

See more here:
Block Flash

On Friday, Adobe released a security advisory announcing a zero-day exploit found in specific Adobe Flash Player versions. Tagged as critical, the vulnerability (CVE-2010-1297) causes the application to crash. Potentially, the underlying vulnerability could also be used to run arbitrary code, such as downloading/dropping malicious files onto the affected system.

Excerpt from:
Zero-Day Flash/Acrobat Exploit Seen In The Wild

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Apache Foundation Hit by Targeted XSS Attack + Internal investigation + Associated Atlassian breach CSRF Isn’t A Big Deal - Duh! Network Solutions Hack: Secure File Permissions Matter + Sucuri Analysis OWASP RFP Criteria Project IE 8 Security Features Could Be Turned Against Users + Slides & PoC Next-Generation Clickjacking Attacks Revealed + Tool Brokerage Firm Fined $375,000 for Unsecured Data Researcher Uncovers (Another) Major Facebook Security Exploit New Full Disclosure, Website Vulnerabilities Database Chrome Phishing 5 Reasons HTTPOnly won’t save you WhiteHat Security is a leading provider of website security services

Read more here:
Best of Application Security (Friday, Apr. 16)

Antivirus XP 2010, a clone of the Antivirus2010 family, is amongst today’s most prevalent rogue security software.

The rest is here:
Antivirus2010 – Multiple “Avatars” in a Single .exe

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. OWASP Podcast Series #61 (Richard Bejtlich) Frenchman Arrested After Hacking Into Obama’s Twitter Accounts + technical details GMail: Detecting suspicious account activity iPhone, IE, Firefox, Safari get stomped at hacker contest + Google’s Chrome Unscathed Side-Channel Leaks in Web Applications Penetrating Intranets through Adobe Flex Applications How Baidu Got Hacked by the Iranian Cyber Army + why Baidu Can’t Sue Sleuths Trace Digital Clues to Predict iPad Sales Securing your JSF pages against XSS Exploiting hard filtered SQL Injections WhiteHat Security is a leading provider of website security services.

Follow this link:
Best of Application Security (Friday, Mar. 26)

The number of serious zero-day vulnerabilities and potential exploits discovered in recent days is higher than normal.

Link:
Multiple Vendors Affected By New Vulnerabilities

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Hitler and Cloud Computing Security Microsoft SDL Core Training Classes & Tools A Big Case of …OOPS… Customer-Induced FUD NT OBJECTives Response to the Larry Suto Report Web Security Dojo v1.0 & Watcher 1.3.0 release Online finance flaw: Ameriprise III Banks, Businesses, Viruses and the UCC Breaking Weak CAPTCHA in 26 Lines of Code Finding Input Validations flaws with Taint Checking WhiteHat Security is a leading provider of website security services.

Visit link:
Best of Application Security (Friday, Feb. 26)

Within days of Adobe’s release of out-of-band security updates for both Acrobat and Reader, word now comes from security researcher Aviv Raff, of another new vulnerability in an Adobe product. The flaw was found in Adobe Download Manager (DLM), an application Adobe uses to deliver common applications (e.g., Flash and Reader ) to users’ systems.

View original post here:
New Adobe Download Manager Bug

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Microsoft’s Many Eyeballs and the Security Development Lifecycle A Comparison of DBIR with UK breach report Infrastructure vs

More here:
Best of Application Security (Friday, Feb. 19)