2. Adobe Patches Zero-Day XSS Flaw, Six Other Bugs in Flash Player
Microsoft's February Patch Tuesday Kills 21 Security Bugs
Google Patches 14 Vulnerabilities in Chrome
Offensive Security Releases BackTrack 5 R2
Linux Kernel 3.2.9 - 1st March 2012
3. Adobe released a security update addressing seven critical vulnerabilities in its Flash Player software on Feb 15 2012
A universal XSS bug in Flash found by Google
4 memory corruption vulnerabilities and two security bypass vulnerabilities that could lead to code execution
4. Microsoft's February Patch Tuesday Kills 21 Security Bugs
9 Security Bulletins for IE and the Windows operating system, Microsoft Office and .NET/Silverlight
Four rated critical for IE
The other issues were in the Windows Kernel (MS12-008), .NET/Silverlight (MS12-016), the Microsoft C Runtime flaw in Windows Media Player (MS12-013), a DLL-preloading issue in the Color Control Panel (MS12-012) and a flaw in Visio Viewer (MS12-015).
5. Google patched 14 vulnerabilities in Chrome and handed out a record $47,500 in rewards to researchers, including $30,000 for "sustained, extraordinary" contributions to its bug-reporting program.
10 of them were "use-after-free" memory management vulnerabilities
Google paid 4 outside researchers $17,500 in bounty payments
Google also rewarded 3 of them with surprise bonuses of $10,000 each for "sustained, extraordinary" work: Aki Helin, Arthur Gerkis and "miaubiz."
6. Offensive Security released BackTrack 5 R2 on 1st March
Several new tools, upgrades to previous tools and general improvement
arduino, bluelog, bt-audit, dirb, dnschef, dpscan, easy-creds, extundelete, findmyhash, golismero, goofile, hashcat-gui, hash-identifier, hexorbase, horst, hotpatch, joomscan, killerbee, libhijack, magictree, nipper-ng, patator, pipal, pyrit, reaver, rebind, rec-studio, redfang, se-toolkit, sqlsus, sslyze, sucrack, thc-ssl-dos, tlssled, uniscan, vega, watobo, wcex, wol-e, and xspy.
7. Linux Kernel 3.2.9 brings the usual ARM fixes and improvements, some USB patches, ALSA updates, as well as fixes for various filesystems, like NFSv4 and eCryptfs.
8. GitHub hacked with Ruby on Rails public key vulnerability - Egor Homakov
Polish websites attacked by Anti-ACTA hackers
Microsoft India store, managed by Quasar Media, down after hackers take user data - Team EvilShadow
WikiLeaks releases alleged Stratfor e-mails
9. New Flashback Trojan variant found for OS X
Nortel was penetrated by hackers for a decade - Wall Street Report
Facebook spammers use Amazon's cloud
Albania is the most malware-infected nation - Norman and Microsoft
10. Anonymous eavesdrops on FBI call
Anonymous takes down several Vatican websites
#AntiSec hackers deface Panda Security site to protest LulzSec arrests
Anonymous' Sabu was working for the FBI to track down other LulzSec hackers
11. Hackers steal Michael Jackson's entire back catalog from Sony
Siemens' and Canon's databases exploited by Team INTRA
Cyber criminals took over a billion dollars from Brazilian companies - PwC
12. Pwn2Own 2012: Google Chrome browser sandbox first to fall, IE 9 on Windows 7 SP1 hacked with two 0day vulnerabilities
Russian university student Sergey Glazunov managed to execute code but not break out of the Chrome sandbox
Vupen's attack used a use-after-free bug to bypass DEP and ASLR and then a bug to bypass Chrome's sandbox
13. 5-member team from Vupen Security at Pwn2Own 2012 with CEO Chaouki Bekrar