The Adobe Flash nightmare isn’t over yet. No, not by a long shot. Now, it seems hackers are working to break into federal agencies using a recently patched Flash vulnerability.
Adobe released an emergency update to fix a critical flaw in its Flash Player browser plugin last week. The vulnerability is actively exploited in the wild via limited, targeted attacks. Internet Explorer for Windows 7, Firefox and Windows XP users are vulnerable.
The FBI issued a warning in a memo. "The FBI has received information regarding a likely ongoing phishing campaign that started 08 July 2015 and was observed targeting U.S. government agencies. This campaign is similar to a June campaign launched by similar malicious actors. In both campaigns, the e-mails contain a link that exploits Adobe Flash vulnerability CVE-2015-5119."
A Dangerous Internet
We caught up with Clinton Karr, senior security strategist at endpoint security firm Bromium, to get his thoughts on the ongoing danger. He told us this Adobe Flash zero-day illustrates why Internet content is so untrustworthy: attacks can be committed through the browser, through scripting languages and even through extensions.
“It's a greenfield for hackers with no end in sight if the status quo for protection doesn't change,” Karr said. “Now that the exploit has been discovered, most security and operations teams are scrambling to do one of two things -- race to deploy the newest patch before hackers can leverage the exploit for an attack. Or test the patch to make sure it integrates with legacy systems.”
This latest zero-day, as well as others before it, could have been isolated in the first place. Only by isolating the threat are security and ops teams granted the grace period needed to test and deploy these critical patches, he said.
This Adobe flaw, and two others, were made public after the Hacking Team was hacked. The Italian company made a name for itself helping governments and intelligence agencies spy on people. But now the tables have apparently been turned as the team’s private documents have been exposed online. The Adobe Flash flaw was part of that disclosure.
As part of the attack, hackers sent a tweet from the Hacking Team’s Twitter account that offered a link to 400 GB of the company’s source code, e-mails and internal files. Adobe so far has been the biggest victim.
Adobe said successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe said an exploit targeting this vulnerability has been made public.
“Without a doubt cybercriminals have already got their hands on it and will integrate it in their exploit kits soon,” said Jerome Segura, a senior security researcher at Malwarebytes. “This is one of the fastest documented cases of an immediate weaponization in the wild, possibly thanks to the detailed instructions left by Hacking Team.”