Exploit kits: Winter 2018 review

In this Winter 2018 review, we check the pulse of exploit kits and their latest developments.
Categories:

Exploits
Threat analysis

Tags: CVE-2014-6332CVE-2015-2419CVE-2015-7645CVE-2015-8651CVE-2016-0189CVE-2018-4878EKsexploit kitsgrandsoftGreen… Continue reading Exploit kits: Winter 2018 review

Hermes ransomware distributed to South Koreans via recent Flash zero-day

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea.
Categories:

Exploits
Threat analysis

Tags: CVE-2018-4878EKexploit kitFashHermesransomware

(Read more…)

The post Hermes rans… Continue reading Hermes ransomware distributed to South Koreans via recent Flash zero-day

Recent Flash Zero-Day Flaw Now Exploited in Widespread Attacks

A vulnerability that was recently patched in Flash Player after being used in targeted attacks is now seeing widespread exploitation in a malicious spam campaign. The flaw was first identified in late January by security researchers who saw it used in … Continue reading Recent Flash Zero-Day Flaw Now Exploited in Widespread Attacks

Massive Malspam Campaign Targets Unpatched Systems

Morphisec said that it has detected several malicious word documents – part of a “massive” malspam campaign – that takes advantage of a critical Adobe Flash Player vulnerability discovered earlier this month. Continue reading Massive Malspam Campaign Targets Unpatched Systems

New Flash Player zero-day comes inside Office document

Threat actors are targeting South Korea with a Flash Player zero-day in limited attacks, according to Adobe.
Categories:

Cybercrime
Exploits

Tags: CVE-2018-4878Flash Player zero-dayKorean

(Read more…)

The post New Flash Player zero-d… Continue reading New Flash Player zero-day comes inside Office document

Attackers Exploiting Unpatched Flaw in Flash

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses.

Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system. Continue reading Attackers Exploiting Unpatched Flaw in Flash