For the past couple of years, Office documents have largely replaced exploit kits as the primary malware delivery vector, giving threat…
Tag: Flash Player
Drive-by download campaign targets Chinese websites, experiments with exploits
During our web crawls we sometimes come across bizarre findings or patterns we haven’t seen before. This was the case with…
Malvertising on Equifax, TransUnion tied to third party script (updated)
Update (10-16-2017): More information regarding the third-party script (fireclick.js) and the domain it contacted (netflame[.]cc) was revealed by the Wall Street…
Recent Flash Zero-Day Now Part of Exploit Kits
The Adobe Flash Player continues to be the favourite browser plugin threat actors have been focusing on this year. The recent zero-day…
Another Hacking Team Flash Player 0day Uncovered (UPDATED)
Update: 07/15 7 As reported by Kafeine, Magnitude EK is now using this zero-day. Update: 07/14 7 As reported by brooks_li, RIG EK…
Hacking Team Leak Exposes New Flash Player Zero Day
Update (07/07 11:55 AM PT): Adobe released a security bulletin about this vulnerability which is assigned CVE-2015-5119. A fix is scheduled for…
Recent Flash Player 0-day Exploit Goes Mainstream
Security firm FireEye released a report on June 23 about targeted attacks leveraging a Flash Player zero-day vulnerability (CVE-2015-3113) in Adobe Flash Player…