Adobe

Pierluigi Paganini July 11, 2015
Wekby APT attacks leverage Hacking Team exploits

According to the experts at Volexity the Flash Player exploit has been leveraged in spear phishing campaign launched by the Wekby APT. As anticipated, several criminal gangs included the code for the exploitation of CVE-2015-5119 vulnerability in their exploit kits, let’s remember that the exploits code was disclosed as the result of the attack against the Hacking […]

Pierluigi Paganini June 23, 2015
Adobe fixed the CVE-2015-3113 that is being exploited in the wild

Adobe has released a security update for the critical Adobe Flash Player vulnerability CVE-2015-3113 that is being actively exploited in the wild. Security experts at FireEye discovered a critical heap buffer overflow vulnerability, coded CVE-2015-3113, that affects Adobe systems. FireEye discovered that the Adobe flaw is being exploited in the wild by the hacking crew […]

Pierluigi Paganini March 27, 2015
Reading the Secunia Vulnerability Review 2015

Secunia firm issued its annual report on vulnerabilities exploited in 2014 in most popular software, a document which includes key figures and facts. Secunia has recently released its annual study of trends in software vulnerabilities, an interesting report that highlights the impact of the presence of flaws in common software and provide useful details on the […]

Pierluigi Paganini March 24, 2015
Adobe CVE-2011-2461 flaw is exploitable by 4 years although it was fixed

Security experts discovered that the Adobe CVE-2011-2461 vulnerability is exploitable by at least four years despite the company has issued a patch. Four years ago Adobe released a patch for the vulnerability CVE-2011-2461 that was affecting the Adobe Flex SDK 3.x and 4.x. The flaw was a cross-site scripting (XSS) vulnerability that allowed remote attackers to inject arbitrary […]

Pierluigi Paganini March 15, 2015
Adobe issued the updates for 11 Critical Vulnerabilities

Adobe released security updates for Adobe Flash Player to fix 11 Critical Vulnerabilities, most of them Remote Code Execution flaws. Adobe has issued a critical update for the Flash Player product that fixes set of 11 critical security vulnerabilities in its software. The update is classified as critical because most of the security flaws could […]

Pierluigi Paganini February 12, 2015
Chinese hackers hit Forbes visitors with zero-day exploits

Security experts at Invincea and iSIGHT Partners uncovered a hacking campaign that used two distinct zero-day flaws to compromise Forbes.com website. Security experts at Invincea and iSIGHT Partners in a joint investigation tried to profile a Chinese APT group that used two distinct zero-day flaws to compromise Forbes.com website. The intent of the group was to […]

Pierluigi Paganini February 02, 2015
A third Flash Zero-Day is being exploited in the wild

A third critical zero-day vulnerability affects Adobe Flash Player 16.0.0.296 and earlier versions for Windows, Linux and Mac. It is the third time in a few weeks that the security of Adobe users is menaced by a zero-day in Flash that affects Windows, Linux and OS X systems. The company is already working to provide a patch […]

Pierluigi Paganini January 25, 2015
Adobe issued the update to fix CVE-2015-0311 zero day

Adobe released a security update that fixes also the zero-day vulnerability CVE-2015-0311 discovered by Kafeine in the last release of Angler exploit kit. The French security expert Kafeine has recently discovered an unpatched vulnerability (0day) in Flash Player is being exploited by Angler Exploit Kit. The new variant of the Angler exploit kit that exploit […]

Pierluigi Paganini January 22, 2015
New Angler exploit kit includes a Flash zero-Day

The French security expert Kafeine has discovered an unpatched vulnerability (0day) in Flash Player is being exploited by Angler Exploit Kit. The Angler exploit kit is one of the most popular crimeware kit and according to the French security researcher Kafeine it was enriched with a fresh Adobe Flash zero-day vulnerability. Kafeine has discovered a new variant of the Angler […]

Pierluigi Paganini November 26, 2014
Why Adobe issued the Out-of-Band Flash Player Update for CVE-2014-8439?

Adobe has released yesterday an out-of-band update to fix a critical remote code-execution vulnerability CVE-2014-8439 in Flash Player that is being exploited in the wild. Adobe has released an emergency patch to patch a critical remote code-execution vulnerability (CVE-2104-8439) affecting Flash Player that was already fixed last month (Adobe’s Oct. 14th), but that was exploited […]