• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51

 | 

Security Affairs newsletter Round 530 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

The FBI warns that Scattered Spider is now targeting the airline sector

 | 

LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

 | 

Taking over millions of developers exploiting an Open VSX Registry flaw

 | 

OneClik APT campaign targets energy sector with stealthy backdoors

 | 

APT42 impersonates cyber professionals to phish Israeli academics and journalists

 | 

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

 | 

Cisco fixed critical ISE flaws allowing Root-level remote code execution

 | 

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

 | 

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

 | 

Hackers deploy fake SonicWall VPN App to steal corporate credentials

 | 

Mainline Health Systems data breach impacted over 100,000 individuals

 | 

Disrupting the operations of cryptocurrency mining botnets

 | 

Prometei botnet activity has surged since March 2025

 | 

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Malware
  • Hacking Team Flash Zero-Day exploits are being used in the wild

Hacking Team Flash Zero-Day exploits are being used in the wild

Pierluigi Paganini July 08, 2015

Security experts confirmed that Adobe Flash vulnerability revealed in the recent attack against the Hacking Team is being used in the wild.

Every IT security website is publishing information related to the recent hack of the Hacking Team and consequent exfiltration of more than 400 GB of sensitive data. The most scaring scenario is already a reality, cyber criminals have started the integration of the exploits for Flash vulnerabilities yet unpatched in their crimeware kit, including the Neutrino EK.

“This is one of the fastest documented case of an immediate weaponization in the wild, possibly thanks to the detailed instructions left by Hacking Team.” Reported Malwarebytes.

The website “Malware Don’t Need Coffee”also reported that Angler EK and Nuclear EK mow includes the exploits for the new vulnerability targeted by the tools developed by the Hacking Team.

“As we were all expecting, integration in exploit kits was a matter of hours and it looks like Angler EK team is at it.”

Hacking team exploits 

The latest version of Mozilla Firefox is affect by the vulnerability:

Hacking team exploits 2

At the time I’m writing almost no AV Company was able to detect the malicious code, besides Malwarebytes Anti-Exploit:

Hacking team exploits 3

Fiddler and Neutrino have been also updated to include the new exploits, the attack scenario requests the installation of the vulnerability on a compromised website in order to infect visitors by exploiting the Adobe Flash bug and execute malicious arbitrary code on the targeted machine.

It is expected that today Adobe will release a fix to the vulnerability, but there are already workarounds to secure the systems, basically, you need to enable the “Click-to-Play” in all your browsers.

For that you just need to follow these steps:

Mozilla Firefox – Tools -> Addons -> Ask to Activate

Hacking team exploits 4.png

Google Chrome – Settings page ->advanced settings->Content settings under Privacy->Click to play.

Hacking team exploits 4

If you have the new version of Google Chrome, there are some small changes, settings are now called “Let me choose when to run plugin content”

Hacking team exploits 5

Internet Explorer – select the Gear at the top of the page and Manage Add-ons.

Select Toolbars and Extensions – select All add-ons

Find Shockwave Flash Object plug-in and select “more information”

Hacking team exploits 6

Click in “Remove all sites”

Hacking team exploits 7

Safari – Safari menu-> Preferences-> Security-> Manage Website Settings

Select the pluggin and In “When visiting other websites” change to “Ask”

Hacking team exploits 8

I hope this small tips can help you to prevent a dangerous situation.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Hacking Team, zero-day)

[adrotate banner=”5″]

[adrotate banner=”13″]

 


facebook linkedin twitter

Cybercrime data breach Hacking Hacking Team zero-Day

you might also like

Pierluigi Paganini June 29, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51
Read more
Pierluigi Paganini June 29, 2025
Security Affairs newsletter Round 530 by Pierluigi Paganini – INTERNATIONAL EDITION
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51

    Breaking News / June 29, 2025

    Security Affairs newsletter Round 530 by Pierluigi Paganini – INTERNATIONAL EDITION

    Breaking News / June 29, 2025

    The FBI warns that Scattered Spider is now targeting the airline sector

    Cyber Crime / June 28, 2025

    LapDogs: China-nexus hackers Hijack 1,000+ SOHO devices for espionage

    Malware / June 28, 2025

    Taking over millions of developers exploiting an Open VSX Registry flaw

    Hacking / June 27, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT