• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   adobe flash

Exploit Kits in 2015: Flash Bugs, Compromised Sites, Malvertising Dominate

  • Posted on:March 10, 2016 at 4:00 am
  • Posted in:Exploits, Malware, Vulnerabilities
  • Author:
    Brooks Li and Joseph C. Chen (Threats Analysts)
0

Threats never stand still, and exploits kits were no exception. 2015 saw multiple changes to this part of the threat landscape: freshly-discovered exploits were added, and compromised websites and malvertising were used to deploy and spread threats using exploit kits. Exploit kits were a key part of the threat landscape in 2015. In this series of posts,…

Read More
Tags: Adobeadobe flashexploit kitInternet ExplorerVulnerabilities

Angler and Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit

  • Posted on:November 3, 2015 at 8:49 am
  • Posted in:Vulnerabilities
  • Author:
    Brooks Li and Joseph C. Chen (Threats Analysts)
1

When it comes to exploit kits, it’s all about the timing. Exploit kits often integrate new or zero-day exploits in the hopes of getting a larger number of victims with systems that may not be as up-to-date with their patches. We found two vulnerabilities that were now being targeted by exploit kits, with one being…

Read More
Tags: adobe flashAngler Exploit KitExploitexploit kitFlashnuclear exploit kitPawn Stormvulnerability

New Adobe Flash Zero-Day Used in Pawn Storm Campaign Targeting Foreign Affairs Ministries

  • Posted on:October 13, 2015 at 11:57 am
  • Posted in:Exploits, Targeted Attacks, Vulnerabilities
  • Author:
    Trend Micro
15

Trend Micro researchers have discovered that the attackers behind Pawn Storm are using a new Adobe Flash zero-day exploit in their latest campaign. Pawn Storm is a long-running cyber-espionage campaign known for its high-profile targets and usage of the first Java zero-day we’ve seen in the last couple of years.

In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events.

Read More
Tags: adobe flashPawn Stormzero-day exploitzero-day vulnerability

Flash Threats: Not Just In The Browser

  • Posted on:July 30, 2015 at 2:09 pm
  • Posted in:Exploits, Malware, Targeted Attacks
  • Author:
    Trend Micro
0

July has been a fairly poor month for Adobe Flash Player security, to say the least. Three separate zero-day vulnerabilities (all courtesy of the Hacking Team dump) have left many people concerned about Flash security, with many (including this blog) calling for it to go away. Some sort of reaction from Adobe to improve Flash…

Read More
Tags: 0dayadobe flashTargeted Attack

Hacking Team Flash Attacks Spread: Compromised TV and Government-Related Sites in Hong Kong and Taiwan Lead to PoisonIvy

  • Posted on:July 28, 2015 at 2:01 pm
  • Posted in:Exploits, Targeted Attacks, Vulnerabilities
  • Author:
    Joseph C Chen (Fraud Researcher)
0

A recent campaign compromised Taiwan and Hong Kong sites to deliver Flash exploits related to Hacking Team and eventually download PoisonIvy and other payloads in user systems. This campaign started on July 9, a few days after the Hacking Team announced it was hacked. The actors compromised the sites of a local television network, educational…

Read More
Tags: adobe flashflash 0dayHacking Teamwebsite compromise
Page 1 of 412 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.