Pierluigi Paganini
July 11, 2015
According to the experts at Volexity the Flash Player exploit has been leveraged in spear phishing campaign launched by the Wekby APT. As anticipated, several criminal gangs included the code for the exploitation of CVE-2015-5119 vulnerability in their exploit kits, let’s remember that the exploits code was disclosed as the result of the attack against the Hacking […]
Pierluigi Paganini
June 23, 2015
Adobe has released a security update for the critical Adobe Flash Player vulnerability CVE-2015-3113 that is being actively exploited in the wild. Security experts at FireEye discovered a critical heap buffer overflow vulnerability, coded CVE-2015-3113, that affects Adobe systems. FireEye discovered that the Adobe flaw is being exploited in the wild by the hacking crew […]
Pierluigi Paganini
March 27, 2015
Secunia firm issued its annual report on vulnerabilities exploited in 2014 in most popular software, a document which includes key figures and facts. Secunia has recently released its annual study of trends in software vulnerabilities, an interesting report that highlights the impact of the presence of flaws in common software and provide useful details on the […]
Pierluigi Paganini
March 24, 2015
Security experts discovered that the Adobe CVE-2011-2461 vulnerability is exploitable by at least four years despite the company has issued a patch. Four years ago Adobe released a patch for the vulnerability CVE-2011-2461 that was affecting the Adobe Flex SDK 3.x and 4.x. The flaw was a cross-site scripting (XSS) vulnerability that allowed remote attackers to inject arbitrary […]
Pierluigi Paganini
March 15, 2015
Adobe released security updates for Adobe Flash Player to fix 11 Critical Vulnerabilities, most of them Remote Code Execution flaws. Adobe has issued a critical update for the Flash Player product that fixes set of 11 critical security vulnerabilities in its software. The update is classified as critical because most of the security flaws could […]
Pierluigi Paganini
February 12, 2015
Security experts at Invincea and iSIGHT Partners uncovered a hacking campaign that used two distinct zero-day flaws to compromise Forbes.com website. Security experts at Invincea and iSIGHT Partners in a joint investigation tried to profile a Chinese APT group that used two distinct zero-day flaws to compromise Forbes.com website. The intent of the group was to […]
Pierluigi Paganini
February 02, 2015
A third critical zero-day vulnerability affects Adobe Flash Player 16.0.0.296 and earlier versions for Windows, Linux and Mac. It is the third time in a few weeks that the security of Adobe users is menaced by a zero-day in Flash that affects Windows, Linux and OS X systems. The company is already working to provide a patch […]
Pierluigi Paganini
January 25, 2015
Adobe released a security update that fixes also the zero-day vulnerability CVE-2015-0311 discovered by Kafeine in the last release of Angler exploit kit. The French security expert Kafeine has recently discovered an unpatched vulnerability (0day) in Flash Player is being exploited by Angler Exploit Kit. The new variant of the Angler exploit kit that exploit […]
Pierluigi Paganini
January 22, 2015
The French security expert Kafeine has discovered an unpatched vulnerability (0day) in Flash Player is being exploited by Angler Exploit Kit. The Angler exploit kit is one of the most popular crimeware kit and according to the French security researcher Kafeine it was enriched with a fresh Adobe Flash zero-day vulnerability. Kafeine has discovered a new variant of the Angler […]
Pierluigi Paganini
November 26, 2014
Adobe has released yesterday an out-of-band update to fix a critical remote code-execution vulnerability CVE-2014-8439 in Flash Player that is being exploited in the wild. Adobe has released an emergency patch to patch a critical remote code-execution vulnerability (CVE-2104-8439) affecting Flash Player that was already fixed last month (Adobe’s Oct. 14th), but that was exploited […]
Hacking / November 23, 2024
