fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Adobe Fixes Critical Vulnerabilities In InDesign And Framemaker

Adobe Fixes Critical Vulnerabilities In InDesign And Framemaker

Adobe fixes critical vulnerabilities in InDesign and Framemaker

Adobe has released security updates to address twelve critical vulnerabilities that could make it possible for attackers to execute arbitrary code on devices running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager.

The rest of the total of 18 security flaws patched today are important severity bugs that could lead to arbitrary JavaScript execution in the browser via stored cross-site scripting vulnerabilities or disclosure of sensitive information via execution with unnecessary privileges.

These important severity vulnerabilities were all found in the Adobe Experience Manager (AEM) and the AEM Forms add-on package, and they affect devices on all platforms running unpatched software versions.

Adobe advises customers to update the vulnerable apps to the latest versions as soon as possible to block attacks attempting to exploit unpatched installations.

APSB20-52 Security Update Available for Adobe InDesign

Adobe has released security updates for Adobe InDesign for macOS that fix a memory corruption bugs reported by Kexu Wang of Fortinet’s FortiGuard that could lead to arbitrary code execution in the context of the current user.

macOS users should install Adobe InDesign 15.1.2 to fix these five critical vulnerabilities.

Vulnerability CategoryVulnerability ImpactSeverityCVE Number
Memory Corruption Arbitrary Code ExecutionCriticalCVE-2020-9727    CVE-2020-9728    CVE-2020-9729    CVE-2020-9730    CVE-2020-9731     

APSB20-54 Security Updates Available for Adobe Framemaker

Adobe has published security updates for Adobe Framemaker to patch out-of-bounds read and stack-based buffer overflow issues that may lead to arbitrary code execution in the context of the current user if successfully exploited on Windows devices.

Users are advised to install Adobe Framemaker 2019.0.7 immediately to fix these critical severity flaws.

Vulnerability CategoryVulnerability ImpactSeverityCVE Numbers
Out-of-Bounds Read Arbitrary code executionCriticalCVE-2020-9726 
Stack-based Buffer Overflow Arbitrary code executionCriticalCVE-2020-9725

Also read: Website Ownership Laws: Your Rights And What It Protects

APSB20-56 Security updates available for Adobe Experience Manager

Adobe has issued updates for Adobe Experience Manager and the AEM Forms add-on that fix stored and reflected cross-site scripting bugs, as well as HTML injection and execution with unnecessary privileges issues that could lead to arbitrary JavaScript execution, arbitrary HTML injection in the browser, and sensitive information disclosure.

Users should install Adobe Experience Manager 6.5.6.0 or 6.4.8.2 and AEM Forms add-on Service Pack 6 to patch these security vulnerabilities.

Vulnerability CategoryVulnerability ImpactSeverityCVE NumberAffected Versions
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserCriticalCVE-2020-9732AEM Forms SP5 and earlier
Execution with Unnecessary PrivilegesSensitive Information DisclosureImportantCVE-2020-9733AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserCriticalCVE-2020-9734AEM Forms SP5 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserImportantCVE-2020-9735AAEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserImportantCVE-2020-9736AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserImportantCVE-2020-9737AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserImportantCVE-2020-9738AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserCriticalCVE-2020-9740AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier
Cross-site scripting (stored)Arbitrary JavaScript execution in the browserCriticalCVE-2020-9741AEM Forms SP5 and earlier
Cross-site scripting (reflected)Arbitrary JavaScript execution in the browserCriticalCVE-2020-9742AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlier
HTML injectionArbitrary HTML injection in the browserImportantCVE-2020-9743AEM 6.5.5.0 and earlierAEM 6.4.8.1 and earlierAEM 6.3.3.8 and earlierAEM 6.2 SP1-CFP20 and earlier

Also read: 5 Self Assessment Tools To Find The Right Professional Fit

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us