Think, Talk, Hack

Browsing tag

Adobe Flash

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. “This malware is a Python-based information stealer compressed with cx-Freeze to evade detection,” Fortinet FortiGuard Labs researcher Cara Lin said. “MrAnon Stealer steals its victims’ credentials, system information, browser sessions, and cryptocurrency […]

root

Chrome Extension that Steals Credit Card Data Detected

Security researchers have found a Google Chrome extension which steals payment card information and which is still available on Chrome Web Store. Researchers at Cybersecurity firm ElevenPaths have discovered the malicious extension, which has been active since February 2018. A blog post made by ElevenPaths says, “We have detected an extension for Google Chrome, still […]

root

Mozilla Disabling Adobe Flash By Default In Firefox

Back in 2017, Adobe announced that it would stop updating and distributing flash support by the end of 2020. Now, many popular browsers are gradually incorporating the change. One of them is Mozilla Firefox, which will be disabling support for the Adobe Flash plugin by default, starting in Firefox 69. In a bug listing, Jim Mathies, […]

root

Beware! Those Adobe Flash Update Popups Could Be Hiding A Cryptominer

Adobe Flash is known to be a minefield of vulnerabilities and notorious actors exploit the same from time-to-time. Using fake Adobe Flash update popup on websites is another attack vector often used. Along the similar lines, a recent type of fake Flash update has been uncovered by a security researcher of Palo Alto Networks’ Unit 42 […]

root

New CHAINSHOT Malware Attack Carried Adobe Flash 0-day Exploit with Weaponized Microsoft Excel Documents

Newly discovered CHAINSHOT Malware attack using Adobe Flash 0-day vulnerability that carried by several Weaponized documents along with the encrypted malware payload. Researchers successfully cracked the 512-bit RSA key and decrypted the payload also the attack contains the several steps that follow each and every steps input. Attackers using the new toolkit that performed as […]

root

BlackOasis APT leverages new Flash zero-day exploit to deploy FinSpy

Security researchers from Kaspersky Labs spotted the BlackOasis APT group exploiting a new zero-day RCE vulnerability in Adobe Flash. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, tracked as CVE-2017-11292, which was being actively exploited by hackers in the wild to deliver the surveillance software FinSpy. Hackers belonging to the […]

root

Adobe Flash Player Bug that can Leak Windows User Credentials

Adobe published a new version of Flash player in the middle of this week covering the Security issues under CVE-2017-3085 that affects all the platforms of windows(Windows XP, Vista, 7, 8.x and 10). This flaw was identified by Security researcher Ruytenberg and it was derived from the old vulnerability(CVE-2016-4271) which Adobe patched on September 2016. […]

root

Adobe patches Multiple Security Flaw in Flash Player and Adobe Connect

Adobe releases patches for critical security flaws which allows attackers to control your system. This bundle applies for Windows, Macintosh, Linux and Chrome OS. Flash Player Security Update – APSB17-21 These critical vulnerabilities affected Adobe Flash Player Desktop Runtime, Adobe Flash Player for Google Chrome running with versions of 26.0.0.131 and earlier, also Adobe Flash […]

root

Adobe Flash Hacked in 4 Seconds, Safari Pwned In Less Than Half Minute

Short Bytes: PwnFest 2016 has become a death call for many software vendors. The hackers have managed to take down Apple’s Safari web browser in 20 seconds using a root privilege escalation zero-day. Another team managed to compromise Adobe Flash using an exploit that took just 4 seconds to run. At PwnFest 2016, many well-known (and amateur) […]

root

Zerodium Offers $100K for Adobe Flash Heap Isolation Bypasses

Despite calls to eliminate Adobe Flash Player, researchers inside and outside the vendor continue to invest in and build mitigations against modern attacks. As recently as three weeks ago, Adobe announced it had rewritten its memory manager, laying the groundwork for widespread heap isolation, which is an important protection against use-after-free vulnerability exploits. Today, however, […]

root

New zero-day exploit hits fully patched Adobe Flash

Attacks used to hijack end users’ computers when they visit booby-trapped sites. Attackers are exploiting a previously unknown vulnerability in fully patched versions of Adobe’s Flash Player so they can surreptitiously install malware on end users’ computers, security researchers warned Tuesday. So far, the attacks are known to target only government agencies as part of […]

root

Mozilla Firefox Kills All Versions of Flash Player by Default

Just yesterday, the chief security officer at Facebook, Alex Stamos asked for the end for Adobe’s fragile and vulnerable software Flash Player after 400 GB cache of files was stolen by the spyware company Hacking Team. In another similar development, Mozilla has decided lead the way and set examples for others. Reviewing the vulnerabilities, Mozilla was quick […]

root