Virustotal, a free online service for file-analysis has seen the first samples of RTF files that abuse CVE-2016-0021. CVE-2016-0021 is a Remote Code Execution vulnerability which can be triggered in Word or through the preview pane in Outlook. It was addressed in MS16-029 in Microsoft Patch Tuesday March 2016. We consider Microsoft Word under targeted … Continue reading “Microsoft Word under active Attack (MS16-029)”
Adobe patches 0-day in Flash with out-of-band update
On March 10 Adobe released an out-of-band update for their Flash Player that addresses a vulnerability (CVE-2016-1010) actively exploited in targeted attacks. APSB16-08 addresses also another 22 vulnerabilities. A successful exploit of this vulnerability gives the attacker Remote Code Execution on the target machine. Attack vector includes malicious websites set up for the purpose of … Continue reading “Adobe patches 0-day in Flash with out-of-band update”
Transmission 2.90 trojaned by Ransomware
Popular Bittorrent client Transmission 2.90 for Mac OS X has been trojaned by Ransomware. v2.91 is free of the Ransomware and we recommend to install 2.92 for a version of Transmission that also removes the installed Ransomware.
Angler ExploitKit weaponizes Silverlight MS16-006
In January’s Patch Tuesday Microsoft addresses a vulnerability in Silverlight that was reported by Kaspersky. A week later on January 13 Kaspersky reported that the vulnerability was already being exploited in the wild and we set our RTI to “Actively Attacked”. Just 5 weeks later there has been a new development: security researcher @Kafeine has … Continue reading “Angler ExploitKit weaponizes Silverlight MS16-006”
Angler ExploitKit integrates Flash APSB16-01
On January 22 the Angler ExploitKit integrated the recent vulnerability CVE-2015-8651 into its arsenal. With that the exploit becomes widely available. We have updated the corresponding RTI to “ExploitKit”. Patching Adobe Flash player by applying APSB16-01 now becomes crucial as attacks against the vulnerability are now bound to be common.
Silverlight MS16-006 seen in targeted attacks
On January 12 Microsoft published MS16-006 a new version of Silverlight, Microsoft’s Flash competitor that is widely installed due to its initial use by Netflix. The new version addresses 2 critical vulnerabilities. On January 13, Kaspersky who had reported that bug to Microsoft, explained that the vulnerability was already being exploited in the wild. They … Continue reading “Silverlight MS16-006 seen in targeted attacks”
Adobe addresses 0-day in Flash Player
On December 27 Adobe released an out-of-band update APSB16-01 for their Flash Player to address a vulnerability (CVE-2015-8651) that is already under attack. Under ThreatProtect we have set the RTI to “Actively Attacked”, which means there are targeted attacks on this vulnerability underway. We suggest patching your Flash players as quickly as possible.
Microsoft Windows local 0-day (MS15-135)
Microsoft has informed in its Patch Tuesday December 2015 that CVE-2015-6175, a local privilege escalation vulnerability in under attack in the wild. The vulnerability affects only Windows 10 and is detailed in MS15-135. Our RTI for QID: 91133 is ActivelyAttacked
Adobe Flash 0-day under targeted attack
TrendMicro has found evidence of an active exploit against a new vulnerability in the Adobe Flash player. Adobe has issued a patch in APSB15-27 and has been assigned CVE-2015-7645 Our RTI for QID: 124154 is ActivelyAttacked.
Windows local vulnerability being exploited
Microsoft acknowledged in its September Patch Tuesday release that CVE-2015-2546 is being exploited for local privilege escalation in the wild. The vulnerability is present in all versions of Windows and is addressed in MS15-097. Our RTI for QID: 91094 is set to: ActivelyAttacked.