HackDig : Dig high-quality web security articles for hacker

Adobe Patches 79 ‘Critical’ Vulnerabilities in Flash Player

Adobe has patched 79 “critical” vulnerabilities affecting Flash Player in its December 2015 security bulletin.The alert, which bears the vulnerability identifier APSB15-32, warns that all platforms are affected by the flaws. This includes Windows and Macintosh regarding the Flash desktop version 19.0.0.245 and earlier, as well as the Google Chro
Publish At:2015-12-09 23:10 | Read:3973 | Comments:0 | Tags:Latest Security News Adobe Animate code execution Flash Play

Recent Flash Zero-Day Now Part of Exploit Kits

The Adobe Flash Player continues to be the favourite browser plugin threat actors have been focusing on this year. The recent zero-day exploit that was used in targeted attacks is now part of mainstream exploit kits. Angler EK and Nuclear EK now include the latest CVE-2015-7645 which was patched by Adobe on October 16. This vulnerability affects Adobe Flash
Publish At:2015-10-30 21:00 | Read:2397 | Comments:0 | Tags:Exploits angler Flash Player Nuclear zero day exploit

Flash Player Zero-Day Patched by Adobe Ahead of Schedule

Adobe has released patches for multiple vulnerabilities in its Flash Player application ahead of schedule, including a zero-day exploit (CVE-2015-7645) that is known to have been used in a targeted espionage campaign.On Friday, the United States Computer Emergency Readiness Team (US-CERT) issued a statement directing users to ASPB15-27, Adobe’s latest
Publish At:2015-10-19 20:30 | Read:2844 | Comments:0 | Tags:Latest Security News Adobe Flash Player Google Project Zero

New Adobe Flash Player Zero-Day Used in Pawn Storm Campaign

Security researchers have identified a new zero-day exploit in Adobe Flash Player that attackers behind the Pawn Storm espionage campaign leveraged to spy on foreign ministries.Since its inception, Pawn Storm has generally relied on the use of zero-day exploits, including the first Java-based exploit observed in a couple of years, to spy on high-profile targ
Publish At:2015-10-14 14:25 | Read:4032 | Comments:0 | Tags:Latest Security News Adobe Flash Player Pawn Storm spear-phi

Adobe fixes dozens critical vulnerabilities in Flash Player

Adobe has released a new Flash Player update that patches 23 critical vulnerabilities in the popular software. Update your version asap. Adobe has released a new Flash Player update that fixes 23 critical vulnerabilities in the popular software. According to the security bulletin issued by Adobe, Version 18.0.0.231 and earlier
Publish At:2015-09-22 18:45 | Read:3799 | Comments:0 | Tags:Breaking News Security Adobe Flash Flayer exploit Flash Play

Another Hacking Team Flash Player 0day Uncovered

The Hacking Team debacle has made headlines all week long and sparked a lot of debates over the sale of cyber weapons to various governments, including oppressive regimes. It didn’t take very long for someone to identify a zero-day vulnerability in the Flash Player within the leaked documents. That vulnerability was almost instantly weaponized in explo
Publish At:2015-07-11 10:20 | Read:3339 | Comments:0 | Tags:Exploits 0day Flash Player hacking team zero day zeroday

Hacking Team Leak Exposes New Flash Player Zero Day

Update (07/07 11:55 AM PT): Adobe released a security bulletin about this vulnerability which is assigned CVE-2015-5119. A fix is scheduled for July 8. – – – – The security community was ablaze yesterday with the news of a massive data dump and hack of most controversial firm Hacking Team. Hacking Team specializes in surveillance sof
Publish At:2015-07-07 20:30 | Read:3220 | Comments:0 | Tags:Exploits Flash Player hack zero day

Kovter trojan patches Flash Player, IE to close the door to other infections

Security researcher discovered a strain of the Kovter trojan that has been updating  Flash Player and Internet Explorer to prevent further infections. The French security expert Kafeine have discovered a new strain of the Kovter malware noticing that the instance of the malicious code he was analyzing were attempting to downlo
Publish At:2015-07-04 14:10 | Read:3920 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Flash Player IE

Recent Flash Player 0-day Exploit Goes Mainstream

On June 23rd, security firm FireEye released a report about targeted attacks leveraging a Flash Player zero-day vulnerability (CVE-2015-3113) in Adobe Flash Player up to version 18.0.0.160. The firm stated that some users would receive a phishing email containing a link to a site hosting the zero-day exploit. The announcement went out around the same time as
Publish At:2015-06-29 06:25 | Read:6615 | Comments:0 | Tags:Exploits 0day anti exploit CVE-2015-3113 exploit Flash Playe

New Adobe Zero-Day Shares Same Root Cause as Older Flaws

Earlier we talked about the out-of-band update for Flash Player that was released by Adobe (identified as APSB15-14) that was released to fix CVE-2015-3113. This update raised the Flash Player version to 18.0.0.194. Our analysis of the current flaw reveals that the root cause of CVE-2015-3113 is similar to CVE-2015-3043. Both cause a buffer overflow within t
Publish At:2015-06-24 18:35 | Read:3608 | Comments:0 | Tags:Malware CVE-2015-3043 CVE-2015-3113 flash player

Safari Flash Player Plug-in Blocked Due to Security Bugs

The Apple Product Security team issued a security notice this week, stating that outdated Flash Player plug-ins are being blocked due to vulnerabilities in outdated versions. Apple updated the web plug-in blocking mechanism in Safari browsers to disable all Flash Player versions prior to Flash Player 17.0.0.169 and 13.0.0.281.These updates come after Adobe i
Publish At:2015-04-24 05:20 | Read:3219 | Comments:0 | Tags:Security News CVE-2015-3043 Flash Player plugin Safari

Adobe Patches Flash Flaw Targeted by Exploit in the Wild

Adobe Systems has released a patch for 22 vulnerabilities in Flash Player, one of which is reportedly under attack by an exploit that exists in the wild. The most critical vulnerability, CVE-2015-3043, could lead to code execution. Adobe's Flash Player security updates are available for Macintosh, Windows and Linux."Adobe is aware of a report that an exploit
Publish At:2015-04-14 17:15 | Read:2363 | Comments:0 | Tags:Security News Adobe CVE-2015-3043 exploit Flash Player vulne

Nuclear EK leverages recently patched Flash vulnerability

Back in October 2014, we wrote an article about a particular malware campaign we nicknamed ‘EITest’. The actors behind it were using hacked sites and bogus .us.to subdomains to redirect their victims to the Angler Exploit Kit which finished the job and infected vulnerable machines. Fast forward a few months and we are back to the same modus opera
Publish At:2015-03-20 10:10 | Read:5000 | Comments:0 | Tags:Exploits adobe CVE-2015-0336 Flash Player Nuclear EK Vulnera

Adobe issued the updates for 11 Critical Vulnerabilities

Adobe released security updates for Adobe Flash Player to fix 11 Critical Vulnerabilities, most of them Remote Code Execution flaws. Adobe has issued a critical update for the Flash Player product that fixes set of 11 critical security vulnerabilities in its software. The update is classified as critical because most of the
Publish At:2015-03-15 09:40 | Read:3474 | Comments:0 | Tags:Breaking News Security Adobe critical update Flash Player Ha

Analyzing CVE-2015-0313: The New Flash Player Zero Day

Adobe has started rolling out an update to Flash Player which fixes the zero-day vulnerability we discussed earlier this week. This particular vulnerability can be exploited via all major browsers (Internet Explorer, Firefox, and Chrome); however Chrome users are protected by that browser’s sandbox for its Flash plugin, protecting end users from any at
Publish At:2015-02-05 08:50 | Read:3347 | Comments:0 | Tags:Exploits Vulnerabilities adobe flash CVE-2015-0313 flash pla

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud