DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 21, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 106 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Adobe patches critical Flash vulnerability that is being actively exploited

Posted on Wednesday, June 24 2015 @ 14:14:22 CEST by


Flash logo
Adobe has rolled out an emergency fix to address a critical vulnerability (CVE-2015-3113) in its Flash software. Users are recommended to update asap as CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. The firm notes systems running IE for Windows 7 and below, as well as Firefox on Windows XP, are known targets.

Security Affairs has some more information about the hole. It was discovered by security firm FireEye, they found hacking crew APT3 was using it to target a number of industries, including telecommunications, transportation and aerospace and defense sectors:
The attack vector is once again the email, according to FireEye, the attackers send messages containing links to compromised web servers that were used to serve both harmless content or a malicious Adobe Flash Player exploit for the CVE-2015-3113.

“In June, FireEye’s FireEye as a Service team in Singapore uncovered a phishing campaign exploiting an Adobe Flash Player zero-day vulnerability (CVE-2015-3113). The attackers’ emails included links to compromised web servers that served either benign content or a malicious Adobe Flash Player file that exploits CVE-2015-3113.” states FireEye in the blog post.

“Once a target host was profiled, victims downloaded a malicious Adobe Flash Player SWF file and an FLV file, detailed below. This ultimately resulted in a custom backdoor known as SHOTPUT, detected by FireEye as Backdoor.APT.CookieCutter, being delivered to the victim’s system.”




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba