All users are currently being urged to update to the latest version of Flash. This became necessary after discovering that some security flaw has been exploited in the wild. The company explained that the flaw affected how Flash Player plays video files and let hackers use a special video file to gain control of a user’s machine. The bug was made public a few days ago by security research company Fireeye, which reported it to Adobe. Now Adobe issued a patch available online.
However, it became known that by the time the bug was discovered, it was already being used by a Chinese hacking group named “APT3 (Advanced Persistent Threat 3)”, which was sending phishing emails targeting companies in various industries, including the aerospace, defense, engineering, high tech, telecommunications and transportation. Security experts confirmed that the hackers ultimately placed a backdoor on the victim’s machines.
Fireeye published a report saying that APT3 is one of the most sophisticated threat groups known for introducing new browser-based zero-day exploits (for example, Internet Explorer, Firefox, and Adobe Flash Player. As you know, a zero-day exploit has never been used before, which means that the company involved has “zero days” to fix it.
Whereas before, the exploit had only been used by the Advanced Persistent Threat 3, a further warning was recently put out after it emerged in a popular exploit kit Magnitude. Such kits let would-be malware authors combine their software without having to write the exploits, and it has already been used to make attempts to install ransomware on victim’s machines.
All Internet users should know that installing the latest version of Adobe Flash will make their computers secure once again.
0 comments:
Post a Comment