Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.
Hacking Team promised to rebuild its controversial surveillance software while two more Adobe Flash Player zero day vulnerabilities were uncovered.
Security company Volexity said that the Wekby APT group, allegedly responsible for hitting Community Health Systems last year, is using the Hacking Team Flash Player zero-day exploit.
Three exploit kits–Angler, Nuclear Pack and Neutrino–have already weaponized the Adobe Flash Player zero day found among the data stolen from Hacking Team.
The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.
Researchers at Cisco say that a Flash zero day exploit has compromised 1,800 domains, the majority of those during a 48-hour period last week.