Magnitude Exploit Kit Adobe Flash Player Vulnerability

Uploaded on 2015-06-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

haengineering-injection.png

The kit now includes an exploit for CVE-2015-3105, which was fixed as part of Adobe's Flash Player update earlier this month. Despite the update however, many users are still running older versions of the software and remain at risk, blogged Trend Micro Threat Analyst Peter Pi. According to Pi, the kit is using the vulnerability to infect victims with CryptoWall 3.0, a particularly virulent piece of ransomware.
"This is another example of how cybercriminals rapidly take advantage of recently-patched vulnerabilities through exploit kits," Pi blogged. "We saw a similar incident in March, where exploits for an Adobe Flash Player vulnerability were added to the Nuclear Exploit Kit just a week after the patch was released. We also noted earlier this month that Flash Player was being targeted more frequently by exploit kits, and that shows no sign of changing soon."

Trend Micro began noticing the exploit being used by the kit on June 15. According to the company, the countries most affected by the threat include the United States, Canada and the U.K.

In the 2015 Trustwave Global Security Report, Trustwave said that 33 percent of the exploits it detected in 2014 were targeting Adobe Flash, an increase of more than 28 percent points from the previous year.
"One of Magnitude's main differentiators is its traffic sharing business model," according to the Trustwave report. "Criminals can't pay to rent Magnitude. Instead, they trade up to 20 percent of the traffic they direct to the kit to Magnitude's administrators. The administrators then do what they will with their share of the traffic, most often infecting victim machines with ransomware."
"Widely-used exploit kits such as Magnitude are often well-maintained with new vulnerabilities," Pi explained. "Our research on these tools reveals that Magnitude is one of the most used exploit kits by cybercriminals along with SweetOrange and Angler. CryptoWall is also another notable threat in and of itself. We initially saw CryptoWall last year spreading through spam, and again later this year partnering with information stealing malware FAREIT."
Trend Micro recommends users stay up-to-date with the latest version of Flash Player.
Security Week: http://bit.ly/1FqwTXD

« New Snowden Documents Reveal US Spying Has Actually Expanded
Cybersecurity in the Boardroom »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Evok

Evok

EVOK is an IT Service provider specialized in installing, maintaining and supporting IT infrastructures for SMB's in Switzerland.

Markel International

Markel International

Markel International is an international insurance company which looks after the commercial insurance needs of businesses. Specialist services include Cyber Risk insurance.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Space ISAC

Space ISAC

Space ISAC is the only all-threats security information source for the public and private space sector.

ContraForce

ContraForce

ContraForce is a threat detection and response software providing complete visibility across cloud, network, endpoints, user, and email with the ability to target and block threats in real-time.

Aigner Business Solutions

Aigner Business Solutions

Aigner Business Solutions GmbH is a specialist in IT-Security and Data Protection. Concise and focussed.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

Ministry of Electronics & Information Technology (MeitY)

Ministry of Electronics & Information Technology (MeitY)

The Ministry of Electronics & Information Technology is an executive agency responsible for IT policy, strategy and development of the electronics industry.

Deutsche Gesellschaft für Cybersicherheit (DGC)

Deutsche Gesellschaft für Cybersicherheit (DGC)

As a leading provider of cyber security, DGC supports companies in taking advantage of the opportunities offered by the digital transformation – and in minimizing the associated risks.

Thoropass

Thoropass

Thoropass (formerly Laika) helps you get and stay compliant with smart software and expert services.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.

Driven Technologies

Driven Technologies

Driven is a cloud native service provider transforming the way companies leverage technology to improve business by securing, modernizing, and connecting applications, users, and data.

Linx Security

Linx Security

The Linx Identity Security platform enables identity, security, and IT ops teams to finally control the whole identity lifecycle.