Report: Adobe zero-day exploit similar to HackingTeam tool

Adobe issued a new patch for a zero-day security vulnerability that exploited a flaw in the company’s Flash Player. The flaw, uncovered by researchers from the security vendor Gigamon, was exploitable through Microsoft Word, according to a report published Wednesday. Researchers discovered the vulnerability after a Ukrainian IP address submitted the details to VirusTotal, a malware analysis site, the Gigamon report said. The document was made to look like a job application form for a Russian health clinic, but in fact was meant to deliver reconnaissance malware. Researchers also said the hacking technique was similar to tools used by HackingTeam, an Italian surveillance company that had much of its spyware leaked in 2015. Gigamon researchers did not attribute this malware to HackingTeam because many of the company’s tools have been publicly accessible online for three years, meaning other hackers could have replicated some of that malicious code. The researchers also did not prioritize attribution, arguing that […]

The post Report: Adobe zero-day exploit similar to HackingTeam tool appeared first on Cyberscoop.

Continue reading Report: Adobe zero-day exploit similar to HackingTeam tool

Gigamon Acquires ICEBRG to Meld Security, Network Monitoring

Gigamon announced it is expanding the scope of its cybersecurity monitoring efforts significantly by acquiring ICEBRG, a provider of a cloud-based threat detection service. The combination of the sensors ICEBRG deploys coupled with the real-time netwo… Continue reading Gigamon Acquires ICEBRG to Meld Security, Network Monitoring

Adobe releases fix for actively exploited Flash Player zero-day

If you’re still using Flash Player, it’s time to update it again – and quickly: Adobe has just patched a critical zero day vulnerability (CVE-2018-5002) actively exploited in the wild. The attacks are “limited, targeted attacks … Continue reading Adobe releases fix for actively exploited Flash Player zero-day

Flash zero-day shows up in Qatar amid geopolitical struggles

A zero-day vulnerability in Adobe Flash was recently used to infect a likely diplomatic target in Qatar with malware, new research from Seattle-based cybersecurity company ICEBRG and Chinese tech firms Qihoo and Tencent shows. Adobe patched the vulnerability Thursday as part of a broader software update in a release that credited Seattle-based cybersecurity firm ICEBRG for alerting them to the flaw. The findings come as Qatar faces significant geopolitical struggles, including a trade blockade established by the United Arab Emirates (UAE), Saudi Arabia, Bahrain and Egypt. Over the last six months, politically-motivated Middle Eastern hacking has popped up numerous times. In late May, Qatar was outed as being connected to a hacking operation against top Republican donor Elliot Brody, an influential critic of the gulf state. Months earlier, Qater blamed UAE for hacking and editing content hosted by the Qatari News Agency (QNA), a government-backed news program. Subsequent reporting tied the QNA hack […]

The post Flash zero-day shows up in Qatar amid geopolitical struggles appeared first on Cyberscoop.

Continue reading Flash zero-day shows up in Qatar amid geopolitical struggles