10 July 2015
I am receiving about 20 phishing mails a week. Most attackers invest a lot of effort in their counterfeits but, sometimes they overshoot the mark. My July candidate for the Most-Slanting-Phishing-Site-of-the-Year award is:
Earlier this week the Italian company Hacking Team was hacked. The attackers made more than 400GB of confidential company data available to the public. The leaked data included tools and exploits provided by the company to carry out attacks, among them a new Flash Player zero day affecting Flash Player up to version 22.214.171.124.
Two critical vulnerabilities in as many weeks, that’s really annoying. The problem with the latest Flash Player attacks is that the payload is hidden in Flash Player SWF files. Thus, basically every SWF file might carry a malicious payload…
… It’s definitely time to solve the Flash Player problems once and for all.
Have a good weekend.