Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 29 November, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Angler exploit kit includes Adobe Flash zero-day

by The Gurus
January 21, 2015
in Editor's News
Share on FacebookShare on Twitter

An exploit kit named “Angler” is currently using an unpatched Flash 0-day to install malware.
 
According to the SANS Institute, current versions of Windows may be vulnerable, although Windows 8.1 and Google Chrome do not appear to be vulnerable. “Typically we see these exploits more in targeted attacks, not in widely used exploit kits,” it said. “This flaw could affect a large number of users very quickly.”
 
French security researcher Kafeine spotted the version of the Angler kit, and said that he first spotted the exploit for the zero-day in Flash on Wednesday and that it is being used to install a piece of malware known as Bedep, reported Threatpost.
 
Kafeine has not published the MD5 of the new exploit yet, but he said users may want to take precautions until Adobe has a fix available for the vulnerability. “Disabling Flash player for some days might be a good idea,” he said.
 
An Adobe spokesman said that the company is aware of the report and is investigating it. Pedro Bustamante, director of special projects at Malwarebytes, said: “The zero-day vulnerability in Flash Player could provide a big security risk for internet users, effectively opening an unguarded window onto PCs worldwide.
 
“The fact that it has seemingly been integrated into the Angler Exploit Kit shows that criminals are keen to use it to target people and businesses en-masse. Using a delivery mechanism such as Angler increases the chance of successful infections, allowing for accurate attacks through infected adverts on high traffic websites.
 
“The danger of any zero-day is that there is no patch in existence, so I would recommend caution from web-users until a confirmation and update is issued. We would also urge people to update security software and download Malwarebytes Anti-Exploit Free which, as pointed out by Kafeine, protects against this attack.”

FacebookTweetLinkedIn
Tags: ExploitMalwareZero-day
ShareTweet
Previous Post

Managed security services see a boost as skills struggle continue

Next Post

Tapping and tipping the talent

Recent News

Laptop, phone, hands

40% of Cybersecurity Departments Want More Budget to Upskill Employees

November 24, 2023
AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

November 24, 2023
Half of Cybersecurity Professionals Kept Awake By Workload Worries

Half of Cybersecurity Professionals Kept Awake By Workload Worries

November 24, 2023
Cyber Mindfulness Corner Company Spotlight: Pentest People

Cyber Mindfulness Corner Company Spotlight: Pentest People

November 23, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information