ExtremeHacking
Today : | Time : | safemode : ON
> / Main Website / Cyber Surakha Abhiyan / Hackers Charity / Linkedin / facebook / twitter /
Name Author Perms Com Modified Label

Hacking Team Flash Zero-Day Linked to Cyber Attacks on South Korea and Japan Unknown rwxr-xr-x 0 7/09/2015

Filename Hacking Team Flash Zero-Day Linked to Cyber Attacks on South Korea and Japan
Permission rw-r--r--
Author Unknown
Date and Time 7/09/2015
Label
Action

Ethical Hacking Institute in Pune
Extreme Hacking 

The corporate data leaked in the recent cyber attack on the infamous surveillance software firm Hacking Team has revealed that the Adobe Flash zero-day (CVE-2015-5119) exploit has already been added to several exploit kits.




























The successful exploitation of the zero-day Flash vulnerability could cause a system crash, potentially allowing an attacker to take full control of the affected system.
Adobe Flash Zero-Day Targeted Japan and Korea

According to the researchers, the zero-day exploit, about which the rest of the world got access on Monday, was apparently used in limited cyber attacks on South Korea and Japan.
"In late June, [Trend Micro] learned that a user in Korea was the attempted target of various exploits, including a Flash vulnerability (CVE-2014-0497) discovered last year," Weimin Wu, threat analyst at Trend Micro wrote.

"Traffic logs indicate the user may have received spear-phishing emails with attached documents…contained a URL for the user to visit. This URL led to a site hosted in the United States, which [included] a Flash exploit, detected as SWF_EXPLOYT.YYKI. This particular exploit targets the zero-day Adobe vulnerability that was disclosed during the Hacking Team leak."

The zero-day exploit downloads a Trojan on the target victim's computer, which further downloads several other malicious payloads on the infected system.

Researchers say the zero-day exploit code they came across was very similar to the exploit code revealed as part of the Hacking Team data breach. This simply means the attack was conducted by someone with the access to the tools and services offered by Hacking Team.

However, Adobe has released a patch to address this Adobe Flash zero-day (CVE-2015-5119) vulnerability, thereby advising users to install the update as soon as possible.

www.extremehacking.org
CEHv9 CHFI ECSAv9 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, Center For Advanced Security Training in India, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune



 

Cyber Suraksha Abhiyan | Sadik Shaikh © 2015 Sadik Shaikh | CEH V9 | ETHICAL HACKING Course Training Institute in India-Pune
Extreme Hacking Template design by Sadik Shaikh | Cyber Suraksha Abhiyan