Adobe Flash hit by another nasty zero-day vulnerability

Posted on Wednesday, Oct 14 2015 @ 11:16 CEST by Thomas De Maesschalck
Adobe Flash logo
Trend Micro warns a new zero-day exploit in Adobe Flash is being abused to attack fully-patched systems. The attack originates from the attackers behind Pawn Storm and primarily targets foreign affairs ministries from around the globe.
In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events, with the email subjects containing the following topics:

  • “Suicide car bomb targets NATO troop convoy Kabul”
  • “Syrian troops make gains as Putin defends air strikes”
  • “Israel launches airstrikes on targets in Gaza”
  • “Russia warns of response to reported US nuke buildup in Turkey, Europe”
  • “US military reports 75 US-trained rebels return Syria”

    It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year.

  • About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

    Loading Comments