Updated:03:23 AM EDT May 25


this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
submit news

FREE eBooks

REVIEWS
 
SOFTWARE
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
 
FORUMS
comments
hardware
software
off-topic
 
LINKS
 
SPONSORS:

Forex Brokers Reviewed



Try to play real money casino with no risk by claiming offers at freespinsnodeposituk.com that lists no deposit free spins

When playing bingo online, we recommend to read verified reviews at bingosite.org.uk before choosing a bingo site to play at.



Bästa mobilcasino means the best mobile casino in Swedish. Visit NyaMobilCasinon.se and play at top smartphone casinos.

Looking for free spins? https://nyacasinonsverige.se/nya-free-spins/ Visit and claim 10, 20, 50 or more extra spins to play your favourite slots.

(C) 2006-2018 TechAmok
All Rights Reserved.


CONTACT
 
A critical Adobe Flash Player zero-day vulnerability - TechAmok

A critical Adobe Flash Player zero-day vulnerability - [security]
02:06 PM EST - Feb,03 2018 - post a comment

Adobe's Flash Player has been the cause of security concerns over the past few years with lots of attackers targeting the particular software. A few months ago, Kaspersky Lab discovered a Flash vulnerability through Microsoft Word, and in February 2017, even Microsoft was forced to release a critical security update for Flash on Windows, separate from its Patch Tuesday schedule. Now, another zero-day vulnerability has been discovered in the software, which allows Remote Code Execution (RCE) on various platforms. According to Adobe, it is already being utilized against Windows users on a limited scale. The latest security issue has been discovered by South Korea's CERT and has been reported in detail by Cisco Systems' Talos group. According to the security researchers, the exploit is carried out by embedding a Flash SWF file in a Microsoft Excel document. In the limited number of attacks carried out using this vulnerability so far, opening this document allows the Flash object to download the ROKRAT payload from malicious websites, load it into the memory and execute it. ROKRAT is a Remote Administration Tool that is used in cloud platforms to procure documents. According to Talos, a group named "Group 123" is the perpetrator of ROKRAT, but this is the first time that it has utilized a zero-day vulnerability. The security researchers go on to say that:
Group 123 have now joined some of the criminal elite with this latest payload of ROKRAT. They have used an Adobe Flash 0 day which was outside of their previous capabilities - they did use exploits in previous campaigns but never a net new exploit as they have done now. This change represents a major shift in Group 123s maturity level, we can now confidentially assess Group 123 has a highly skilled, highly motivated and highly sophisticated group. Whilst Talos do not have any victim information related to this campaign we suspect the victim has been a very specific and high value target. Utilizing a brand new exploit, previously not seen in the wild, displays they were very determined to ensure their attack worked.


Add your comment (free registrationrequired)

Short overview of recent news articles

May,24 2018 Google, PayPal Extend Mobile and Online Payment Partnership
May,24 2018 AMD Radeon Adrenalin Edition 18.5.1
May,24 2018 GeForce Game Ready 397.93 WHQL drivers
May,23 2018 20+ Most Satisfying Art Videos by Bored Panda Art
May,23 2018 Skyscraper - Official Trailer 2
May,23 2018 GOD FRIENDED ME Official First Look Trailer
May,23 2018 HTC U12+ Jumps to 2:1 Screen, Improves Edge Sense, Refines Speakers
May,23 2018 MOWGLI - Official 1st Trailer
May,23 2018 Mark Zuckerberg's European Parliament Live Stream
May,23 2018 Speculative Store Bypass in 3 Minutes
May,22 2018 Unreal Gold is available for free
May,20 2018 The best pics on the Internet #256
May,20 2018 IBM Warns of Instant Breaking of Encryption by Quantum Computers
May,20 2018 This Pool Trick Shot Genius
May,20 2018 New York City flyover was filmed in 12K
May,19 2018 Fluorescent Coral Glows in the Depth of the Ocean
May,19 2018 Guy Destroys A Round Of Beat Saber
May,19 2018 Qualcomm to Add WPA3 to Mobile Devices This Summer
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs