CVE-2018-4878 – WindowsTechs.com

Exploit kits: Winter 2018 review

Posted on March 29, 2018 by Jérôme Segura

In this Winter 2018 review, we check the pulse of exploit kits and their latest developments.
Categories:

Exploits
Threat analysis

Tags: CVE-2014-6332CVE-2015-2419CVE-2015-7645CVE-2015-8651CVE-2016-0189CVE-2018-4878EKsexploit kitsgrandsoftGreen… Continue reading Exploit kits: Winter 2018 review→

Hermes ransomware distributed to South Koreans via recent Flash zero-day

Posted on March 14, 2018 by Malwarebytes Labs

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea.
Categories:

Exploits
Threat analysis

Tags: CVE-2018-4878EKexploit kitFashHermesransomware

Recent Flash Zero-Day Flaw Now Exploited in Widespread Attacks

Posted on February 28, 2018 by Lucian Constantin

A vulnerability that was recently patched in Flash Player after being used in targeted attacks is now seeing widespread exploitation in a malicious spam campaign. The flaw was first identified in late January by security researchers who saw it used in … Continue reading Recent Flash Zero-Day Flaw Now Exploited in Widespread Attacks→

Massive Malspam Campaign Targets Unpatched Systems

Posted on February 27, 2018 by Lindsey O'Donnell

Morphisec said that it has detected several malicious word documents – part of a “massive” malspam campaign – that takes advantage of a critical Adobe Flash Player vulnerability discovered earlier this month. Continue reading Massive Malspam Campaign Targets Unpatched Systems→

New Flash Player zero-day comes inside Office document

Posted on February 5, 2018 by Jérôme Segura

Threat actors are targeting South Korea with a Flash Player zero-day in limited attacks, according to Adobe.
Categories:

Cybercrime
Exploits

Tags: CVE-2018-4878Flash Player zero-dayKorean

(Read more…)

The post New Flash Player zero-d… Continue reading New Flash Player zero-day comes inside Office document→

Attackers Exploiting Unpatched Flaw in Flash

Posted on February 2, 2018 by BrianKrebs

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses.

Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system. Continue reading Attackers Exploiting Unpatched Flaw in Flash→