Angler ExploitKit weaponizes Silverlight MS16-006

In January’s Patch Tuesday Microsoft addresses a vulnerability in Silverlight that was reported by Kaspersky. A week later on January 13 Kaspersky reported that the vulnerability was already being exploited in the wild and we set our RTI to “Actively Attacked”. Just 5 weeks later there has been a new development: security researcher @Kafeine has … Continue reading “Angler ExploitKit weaponizes Silverlight MS16-006”

Angler ExploitKit integrates Flash APSB16-01

On January 22 the Angler ExploitKit integrated the recent vulnerability CVE-2015-8651 into its arsenal. With that the exploit becomes widely available. We have updated the corresponding RTI to “ExploitKit”. Patching Adobe Flash player by applying APSB16-01 now becomes crucial as attacks against the vulnerability are now bound to be common. https://vimeo.com/162606661/

Silverlight MS16-006 seen in targeted attacks

On January 12 Microsoft published MS16-006 a new version of Silverlight, Microsoft’s Flash competitor that is widely installed due to its initial use by Netflix. The new version addresses 2 critical vulnerabilities. On January 13, Kaspersky who had reported that bug to Microsoft, explained that the vulnerability was already being exploited in the wild. They … Continue reading “Silverlight MS16-006 seen in targeted attacks”

Adobe addresses 0-day in Flash Player

On December 27 Adobe released an out-of-band update APSB16-01 for their Flash Player to address a vulnerability (CVE-2015-8651) that is already under attack. Under ThreatProtect we have set the RTI to “Actively Attacked”, which means there are targeted attacks on this vulnerability underway. We suggest patching your Flash players as quickly as possible.

Microsoft Windows local 0-day (MS15-135)

Microsoft has informed in its Patch Tuesday December 2015 that CVE-2015-6175, a local privilege escalation vulnerability in under attack in the wild. The vulnerability affects only Windows 10 and is detailed in MS15-135. Our RTI for QID: 91133 is ActivelyAttacked

Adobe Flash 0-day under targeted attack

TrendMicro has found evidence of an active exploit against a new vulnerability in the Adobe Flash player. Adobe has issued a patch in APSB15-27 and has been assigned CVE-2015-7645 Our RTI for QID: 124154 is ActivelyAttacked.

Windows local vulnerability being exploited

Microsoft acknowledged in its September Patch Tuesday release that CVE-2015-2546 is being exploited for local privilege escalation in the wild. The vulnerability is present in all versions of Windows and is addressed in MS15-097. Our RTI for QID: 91094 is set to: ActivelyAttacked.

2nd Flash 0-day found in Angler Exploit Kit

Trend Micro confirms in their analysis that the Flash Vulnerability CVE-2015-0311 is present in the Angler Exploit Kit. The RTI for QID: 123181 is now: 0-day, ExploitPack

2nd Flash 0-day

Adobe has acknowledged in APSA15-01 the existence of attacks in the wild against an Adobe Flash vulnerability (CVE-2015-0311). Our RTI for QID: 123181 is set to: 0-day.

Adobe Flash 0-day in Angler

Security Researcher Kafeine has detected a new attack against an Adobe Flash vulnerability (CVE-2015-0310) deployed in the Exploit Kit Angler and documented its function on January 21. Adobe has it addressed in APSB15-02 on January 22. Our RTI for QID: 123187 is set to: ExploitPack.