Previous Story
Hacking Team comments on breach while industry reels from data trove – South Carolina
“Before the attack, Hacking Team could control who had access to the technology which was sold exclusively to governments and government agencies”, read the statement.
Although many online commenters pointed out perceived fallacies between the company’s idea of good entities and bad ones, others noted that while the governments using the firm’s technology might not fit everyone’s definition of “upstanding”, the fallout from the breach does put malware and vulnerabilities into cybercriminals’ hands.
Italy-based Hacking Team said that its computers were breached over the past weekend, and 400GB of sensitive data was released online.
The second vulnerability affects an Adobe font driver in Windows.
“I am not sure why people are laughing at Hacking Team statement of bad actors now being able to use their spy malware”, tweeted contractor and iOS researcher Will Strafach. Flash, it seems, is a weapon of choice in computer espionage.
“In late June, we learned that a user in Korea was the attempted target of various exploits, including CVE-2014-0497, a Flash vulnerability discovered previous year”. Apple stopped including Flash a part of the default OS X installer for Macs years ago, and Adobe even conceded that HTML5 was the new standard for multimedia delivery on the Internet. The Hacking Team incident is a clear reminder that companies and governments hold back Flash exploits so they can use them for espionage and profit at our expense.
“We believe the overall risk for customers is limited, as this vulnerability could not, on its own, allow an adversary to take control of a machine. Uninstalling takes just a minute and is one of the best ways to protect yourself against a wide range of attacks”. If you do need it, ask yourself why, because it’s possible there’s an alternate solution available.
[ ALSO ON CSO: In Pictures: Hacking Team’s hack curated ].
The spear phishing message found by Volexity urges the victim to download and install an updated version of Flash and includes a link to http://get[.]adobe[.]com that instead redirects the recipient to a site hosted by PEG TECH Inc.
These have included exploits for jailbroken iPhones, Android tablets and smartphones and a previously undiscovered Adobe Flash vulnerability.
Security company Bromium, published its analysis of the zero day, determining it was a byte array use-after-free memory issue that allows an attacker to gain control of a Windows machine running the vulnerable Flash Player.
