HackDig : Dig high-quality web security articles for hacker

Latest Russia-linked APT28 campaign targeting security experts

Russian cyber espionage group APT28 targeted individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Researchers with Cisco Talos have spotted a Russian cyber espionage group targeting individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Experts attributed the atta
Publish At:2017-10-24 13:20 | Read:2436 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Malware Adobe Flash APT2

APT28 group is rushing to exploit recent CVE-2017-11292 Flash 0-Day before users apply the patches

The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed
Publish At:2017-10-23 00:30 | Read:4603 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Adobe Flash CVE-2017

Adobe patches multiple flaws including a Flash Zero-Day exploited in the wild

Adobe issued security patches that address multiple flaws in 9 products, including fixes for zero-day vulnerabilities that has been exploited in the wild. Adobe has issued security updates to fix vulnerabilities in nine products, including patches for zero-day flaws that has been exploited in targeted attacks. The version of Flash Player addresses
Publish At:2016-12-13 19:45 | Read:3952 | Comments:0 | Tags:Breaking News Hacking Adobe Adobe Flash CVE-2016-7892 securi

VERT Threat Alert: November 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-698 on Wednesday, November 9th.Ease of Use (published exploits) to Risk TableAutomated Exploit   MS16-132MS16-135Easy    Moderate    Difficult    Extremely DifficultMS16-129MS16-1
Publish At:2016-11-10 04:46 | Read:3914 | Comments:0 | Tags:Vulnerability Management Adobe Flash internet explorer micro

Adobe patches Flash Zero-Day exploited by ScarCruft APT

Adobe Flash Player release fixes the Flash Player zero-day vulnerability (CVE-2016-4171) exploited by the APT group dubbed ScarCruft. Adobe has issued the Flash Player, a release that fixes the Flash Player zero-day vulnerability (CVE-2016-4171) exploited by the APT group dubbed ScarCruft in attacks on high-profile targets. The Flash Pl
Publish At:2016-06-19 16:15 | Read:3390 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Adobe Adobe Flash APT CVE-

Operation Daybreak

Earlier this year, we deployed new technologies in Kaspersky Lab products to identify and block zero-day attacks. This technology already proved its effectiveness earlier this year, when it caught an Adobe Flash zero day exploit (CVE-2016-1010). Earlier this month, our technology caught another zero-day Adobe Flash Player exploit deployed in targeted attacks
Publish At:2016-06-17 08:05 | Read:5119 | Comments:0 | Tags:Blog Research Adobe Flash APT Vulnerabilities and exploits Z

ScarCruft APT Group exploited Flash Zero-Day in High-Profile attacks

Security experts from Kaspersky Lab revealed that an APT group dubbed ScarCruft exploited the zero day vulnerability (CVE-2016-4171) in Adobe Flash Player. According to the experts from Kaspersky Lab, an APT group dubbed ScarCruft exploited a zero day vulnerability (CVE-2016-4171) in Adobe Flash Player. The group launched a series of attacks against high-pro
Publish At:2016-06-15 21:00 | Read:4246 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Adobe Adobe Flash

CVE-2016-4171 – Another Flash Zero-Day exploited in targeted attacks

Adobe states that the Flash Player zero-day vulnerability (CVE-2016-4171) has been exploited in targeted attacks. It will be fixed later this week. Once again Adobe Flash Player is the target of hackers in the wild. Adobe has released security updates for several of its products announcing that the fix for a critical Flash Player zero-day vulnerability (CVE-
Publish At:2016-06-15 02:45 | Read:3217 | Comments:0 | Tags:Breaking News Hacking Adobe Adobe Flash CVE-2016-4171 target

Bedep Lurking in Angler’s Shadows

This post is authored by Nick Biasini.In October 2015, Talos released our detailed investigation of the Angler Exploit Kit which outlined the infrastructure and monetary impact of an exploit kit campaign delivering ransomware. During the investigation we found that two thirds of Angler’s payloads were some variation of ransomware and noted one of the o
Publish At:2016-02-09 17:00 | Read:2442 | Comments:0 | Tags:Threat Research 0-day Adobe Flash angler Bedep Talos Threat

Blast a Hole in Adobe Flash and Earn $100,000

Fancy earning $100,000? Of course, you do.Well, now there’s an opportunity to earn a huge reward if you can demonstrate how Adobe Flash can be exploited.Sounds good right? Well, here’s the bad news for the rest of us: it’s not Adobe offering the money in the form of a bug bounty.Less than a month ago, Adobe proudly announced a series of se
Publish At:2016-01-06 20:15 | Read:2993 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Adobe Adob

Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses

Despite calls to eliminate Adobe Flash Player, researchers inside and outside the vendor continue to invest in and build mitigations against modern attacks.As recently as three weeks ago, Adobe announced it had rewritten its memory manager, laying the groundwork for widespread heap isolation, which is an important protection against use-after-free vulnerabil
Publish At:2016-01-06 03:20 | Read:3998 | Comments:0 | Tags:Web Security Vulnerabilities adobe adobe flash Vupen Adobe F

Facebook Disabled Flash For Video Finally

So Facebook disabled Flash for video finally, sadly it’s still there for games but a large use case for it just went out the window. And really, it’s not surprising after the recent mega patch in Adobe Flash that fixed 78 CVE classified vulnerabilities.There’s just no good reason for anyone to still be using Flash and browsers, if they don&
Publish At:2015-12-24 00:30 | Read:2671 | Comments:0 | Tags:Exploits/Vulnerabilities facebook flash flash security faceb

Latest Update Patches 78 CVE-classified Flash Security Vulnerabilities

So as a rule, in 2015 running Adobe Flash is already pretty scary – but the latest patch release covers 78 CVE-classified Flash security vulnerabilities.That’s not scary, that’s terrifying.By now you kinda expect flaws in Flash, it’s just a given. But 78 CVE-classified vulnerabilities in one patch release? That’s just insane, th
Publish At:2015-12-10 11:00 | Read:3101 | Comments:0 | Tags:Exploits/Vulnerabilities hacking-flash flash adobe flash sec

Flash’s Farewell Under Way

If there’s unanimity among security professionals in anything, it’s in their loathing of Adobe’s Flash Player. There’s yet to be an APT or exploit kit that hasn’t welcomed vulnerabilities in the development platform with open arms. And for all that misery tallied up in lost intellectual property and industrial secrets, and stole
Publish At:2015-12-03 23:40 | Read:2715 | Comments:0 | Tags:Vulnerabilities Web Security adobe adobe flash Adobe Flash e

Angler and Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit

When it comes to exploit kits, it’s all about the timing. Exploit kits often integrate new or zero-day exploits in the hopes of getting a larger number of victims with systems that may not be as up-to-date with their patches. We found two vulnerabilities that were now being targeted by exploit kits, with one being the recent Pawn Storm Flash zero-day. Starti
Publish At:2015-11-04 04:30 | Read:2930 | Comments:0 | Tags:Vulnerabilities adobe flash Angler Exploit Kit Exploit explo


Share high-quality web security related articles with you:)


Tag Cloud