Malware researchers at Trend Micro have analyzed a malware that connects to the home routers and scan the home network then send the gathered information to CC before deleting it self . TROJ_VICEPASS.A pretends to be an Adobe Flash update, once its run it will attempt to connect to the home router admin council using a predefined list of user names and passwords.
Microsoft today shipped a bundle of security updates to address more than three dozen vulnerabilities in Windows and associated software. Included in the batch is a fix for a flaw first patched in 2010 — the very same vulnerability that led to the discovery of the infamous cyberweapon known as Stuxnet
For those of you who are loosing track, yet another Adobe Flash vulnerability has been unleashedon their unsuspecting users. I am sure we all know the wording off by heart now, but incase: Vulnerability identifier : APSA15-02 CVE number : CVE-2015-0313 Platform : All Platforms Quote : A critical vulnerability (CVE-2015-0313) exists inAdobe Flash Player 18.104.22.1686and earlier versions for Windows and Macintosh
Adobe has released an update to the Flash vulnerability CVE-2015-0311 discussed earlier this week here on the ISC . The update released from Adobe addresses Flash vulnerabilities documented in CVE-2015-0311 CVE-2015-0312, which now has exploits being seen in the wild. Given that we are seeing exploits in the wild, the criticality of this exploit should be re-evaluated for prioritization and implementation.
Original release date: January 26, 2015 Adobe has released Flash Player desktop version 22.214.171.1246 to address a critical vulnerability ( CVE-2015-0311 ) in 126.96.36.1997 and earlier versions for Windows and Macintosh. This vulnerability could allow an attacker to take control of the affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-01 and apply the necessary updates.
On Saturday, 24 JAN 2015, Adobe updated their Security Advisory for Adobe Flash Player specific to CVE-2015-0311 . From the update: Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 188.8.131.526 beginning on January 24.
Adobe apparently just released Flash version 184.108.40.2066. There is nothing on Adobes website if this is a patch. As a matter of fact, Adobe still lists 220.127.116.117 as the most recent version .
Original release date: January 19, 2015 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT).
Original release date: December 09, 2014 Adobe has released security updates to address multiple vulnerabilities in Flash, Reader, Acrobat, and ColdFusion.