fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Critical vulnerabilities were patched in Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition.

Adobe patched 18 critical vulnerabilities Tuesday impacting key products Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. The out-of-band fixes address vulnerabilities allowing an attacker to execute arbitrary code, if bugs are exploited.

In its security bulletin Adobe said it was not aware of any exploits in the wild for any of the bugs.

Five of the critical flaws were discovered in versions 17.1 and earlier of After Effects. Users are encouraged to update to version 17.1.1.

The After Effects flaws include an out-of-bounds read vulnerability (CVE-2020-9661), out-of-bounds write vulnerabilities (CVE-2020-9660, CVE-2020-9662) and heap overflow flaws ( CVE-2020-9637, CVE-2020-9638).

Adobe Illustrator received five patches, including one for a buffer error (CVE-2020-9642) and memory corruption bugs (CVE-2020-9575, CVE-2020-9641, CVE-2020-9640, CVE-2020-9639).  Versions 24.1.2 and earlier of Illustrator 2020 are affected, version 24.2 of the popular illustration app has fixed the issues.

Adobe also patched three flaws in versions 1.5.12 and earlier of Premiere Rush, Adobe’s video editing app. The flaws were fixed in version 1.5.16. They included two out-of-bounds write (CVE-2020-9656, CVE-2020-9657) and an out-of-bounds read flaw (CVE-2020-9655).

Also read: 6 Simple Tips on Cyber Safety at Home

And, Adobe patched three flaws in Premiere Pro, another version of Adobe’s video editing software that is more advanced than Adobe Premiere Rush (which is instead more targeted toward YouTubers and social media creators). These include out-of-bounds write (CVE-2020-9653, CVE-2020-9654) and out-of-bounds read (CVE-2020-9652) vulnerabilities. Adobe Premiere Pro versions 14.2 and earlier are affected; users are urged to update to version 14.3.

Finally, versions 13.0.6 and earlier of Adobe’s audio app, Audition, had two critical out-of-bounds write flaws (CVE-2020-9658, CVE-2020-9659). These flaws were fixed in version 13.0.7 for Windows and macOS.

An “important” severity out-of-bounds read bug (CVE-2020-9666) enabling information disclosure was also patched in Adobe Campaign Classic, its marketing campaign management application.

The out-of-band update comes a week after Adobe’s scheduled patches, where it stomped out four critical flaws in Flash Player and in its Framemaker document processor.

FREE Webinar: Are you on top of the shifting insider threats within your business? On June 24 at 2 p.m. ET, join Threatpost and our panel of experts for a complimentary webinar, “The Enemy Within: How Insider Threats Are Changing.” Get exclusive insights on how remote working has increased the risk of insider threats, and how to gain visibility into employee behavior while striking the right balance between privacy and ease of use. Please register here for this webinar.

Also read: Cost of GDPR Compliance for Singapore Companies

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us