Skip to main content

Flash exploits might signal APT activity

posted onJune 18, 2011
by l33tdawg

An Adobe Flash vulnerability that was fixed this week is being leveraged in targeted drive-by downloads and spear phishing attacks, according to the Shadowserver Foundation.

Researchers at the all-volunteer security intelligence group first learned of the exploits on June 9, five days before Adobe issued a patch for the flaw (in addition to updates for bugs in other products, including Reader, Acrobat and Shockwave Player).

"Virtually out of nowhere this just popped up," Shadowserver researcher Steven Adair told SCMagazineUS.com on Friday. "It has rapidly seemed to have made its way around."

Thanks to submissions by its partners, Shadowserver has learned that the exploit has been embedded on a number of legitimate websites, including ones belonging to a Korean news outlet, a Taiwanese university, an Indian government agency, aerospace companies and various "non-government organizations." Some of the victims are based in the United States.

Source

Tags

Adobe Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th