Security Alerts & News
by Tymoteusz A. Góral

History
#814 Two exploit kits spreading attacks for recent Flash Player zero day
Exploits for the most recent Adobe Flash Player zero-day vulnerability have been integrated into the Neutrino and Magnitude exploit kits, and are leading compromised computers to different ransomware strains and a credential-stealing Trojan.

A French researcher who goes by the handle Kafeine told Threatpost that Neutrino has embedded a working exploit for CVE-2016-4117 while Magnitude has not fully implemented the exploit.

Kafeine said that Magnitude is firing exploits for Flash Player up to version 21.0.0.213, but the payloads are not executing, despite the presence of references to the vulnerable code. It could be that the exploit was not implemented correctly; Kafeine said that as of this morning the payloads were not working.

Detection rates on VirusTotal for the Neutrino exploit remains low, only five of 56 as of this morning.
Read more
#818 This sneaky botnet shows why you shouldn't use the same password for everything
#817 SWIFT network doubles down on security
#816 Google plans to bring password-free logins to Android apps by year-end
#815 Persistent EITest malware campaign jumps from Angler to Neutrino
#814 Two exploit kits spreading attacks for recent Flash Player zero day
#813 Windows 10 problem? Now everyone can gripe to Microsoft via Feedback Hub
#812 Crooks used SQL injections to hack Drupal sites and install fake ransomware
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12