Security company Volexity said that the Wekby APT group, allegedly responsible for hitting Community Health Systems last year, is using the Hacking Team Flash Player zero-day exploit.
Tag Archives: adobe flash player
Hacking Team Flash Zero Day Weaponized in Exploit Kits
Three exploit kits–Angler, Nuclear Pack and Neutrino–have already weaponized the Adobe Flash Player zero day found among the data stolen from Hacking Team.
Adobe to Patch Hacking Team Zero Day in Flash
Adobe is expected tomorrow to patch a Flash zero day vulnerability uncovered among the data stolen in the Hacking Team breach.
Adobe Patches 11 Critical Vulnerabilities in Flash Player
Adobe released an updated Flash Player with patches for 11 critical vulnerabilities, most of which lead to remote code execution.
Flash Zero Days Dominate Exploit Landscape
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.
Adobe Begins Patching Third Flash Player Zero Day
Adobe has begun distributing an emergency update for Flash Player that patched the third of three zero-day vulnerabilities under attack.
Latest Flash 0Day Under Attack; Possible Ties to Group Behind Angler EK
The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.
1,800 Domains Overtaken by Flash Zero Day
Researchers at Cisco say that a Flash zero day exploit has compromised 1,800 domains, the majority of those during a 48-hour period last week.
Adobe Begins Auto-Update Patching of Second Flash Player Zero Day
Adobe on Saturday began patching a zero-day vulnerability in Flash Player for auto-update users, exploits for which have been included in the notorious Angler Exploit Kit.
Adobe Releases Emergency Flash Player Patch
Adobe released an emergency out-of-band Flash Player security bulletin, revising a patch released in October with an additional CVE addressing a memory corruption vulnerability.