Adobe

Pierluigi Paganini November 26, 2014
Why Adobe issued the Out-of-Band Flash Player Update for CVE-2014-8439?

Adobe has released yesterday an out-of-band update to fix a critical remote code-execution vulnerability CVE-2014-8439 in Flash Player that is being exploited in the wild. Adobe has released an emergency patch to patch a critical remote code-execution vulnerability (CVE-2104-8439) affecting Flash Player that was already fixed last month (Adobe’s Oct. 14th), but that was exploited […]

Pierluigi Paganini September 18, 2014
Adobe issued critical security updates for Acrobat and Reader PDF

Adobe with a week of delay on the roadmap has released security updates to fix critical vulnerabilities in Acrobat and Reader PDF. Adobe has finally released critical security updates for its products Reader and Acrobat PDF software. The vulnerabilities fixed with these updates have been targeted by hackers in numerous cyber attacks worldwide. The security updates […]

Pierluigi Paganini April 29, 2014
Adobe zero-day used in watering hole attack against Syrian dissidents

Adobe has just released a security updates for Flash Player to fix critical vulnerabilities that are being exploited by hackers to track Syrian dissidents. Adobe has just released security updates for Flash Player to fix critical vulnerabilities that are being exploited in a series of cyber attacks targeting Syrian dissidents complaining about the government. Early April experts at […]

Pierluigi Paganini April 03, 2014
F-Secure has discovered MiniDuke malware samples in the wild

Security Experts at F-Secure discovered a collection of pdf documents, that had references to Ukraine, containing MiniDuke malware samples. MiniDuke is the name of a sophisticated cyber espionage campaign discovered more than one year ago by experts at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS). The malicious code was used by unknown hackers to […]

Pierluigi Paganini February 04, 2014
Fixed a serious flaw in Adobe Flash Player exploited in “the Mask APT”

Adobe has released security updates for Adobe Flash Player to fix a critical vulnerability exploited in a sophisticated cyber espionage campaign. Adobe has released today a new patch for the Flash Player product to fix a vulnerability which is currently being exploited. The vulnerability (CVE-2014-0497), allows an attacker to remotely take control of the targeted system […]

Pierluigi Paganini October 04, 2013
Adobe security breach,hackers steal 2.9M accounts and source code

Adobe reveals customer data stolen in security breach, hackers have accessed sensitive information for 2.9 million users and to the source code of many products. Adobe Systems Inc has warned that customer data stolen in a security breach. According an official advisory, 2.9 million customers might have had their information stolen due a cyber attack that hit […]

Pierluigi Paganini May 01, 2013
Adobe Reader vulnerability reveals where a PDF is opened

The McAfee security firm found an Adobe Reader vulnerability that reveals where a PDF document is opened. The McAfee security firm found an Adobe Reader vulnerability that reveals where a PDF document is opened, once again Adobe products are the center of attention of security experts after the numerous attacks that have exploited flaws in its products for cyber espionage campaigns. […]

Pierluigi Paganini February 12, 2013
Adobe 0-days exploited for IEEE aerospace spearphishing attacks

Last week Adobe released a patch for Adobe Flash that fixed a zero day vulnerability, CVE-2013-0633, that is being exploited using Microsoft Office files with embedded flash content delivered via email. The vulnerability is not isolated, it is circulating the news of a new one coded CVE-2013-0634 being exploited trough web browsers such as Firefox and Safari […]

Pierluigi Paganini November 09, 2012
Group-IB found a new zero-day vulnerability in Adobe products

We have had many opportunities recently to discuss about zero-day vulnerabilities, their knowledge is guarantee of success for the attackers and represents in many cases the certainty to not to be discovered. The zero-day vulnerabilities are desirable for cybercrime that desires to find new ways to monetize cyber attacks, but also for state sponsored hackers […]

Pierluigi Paganini September 30, 2012
Adobe Code Signing Certificate used to sign malware, who to blame?

It’s happened again, cyber criminals have stolen digital certificates related to companies recognized reliable to sign malicious code. This time the victim is Adobe and according its security chief, Brad Arkin, a group of hackers have signed malware using Adobe digital certificate obtained compromising a vulnerable build server that was used to get code validation […]