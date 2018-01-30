Proprietary Security: Abobe, Windows, and Patching Buggy Chips
An Adobe Flash 0day is being actively exploited in the wild
The critical, use-after-free vulnerability, which is indexed as CVE-2018-4877, resides in the latest version of the widely installed Flash, researchers from Cisco Systems' Talos group said in a blog post. Adobe said separately that versions earlier than current Flash 28.0.0.137 are also susceptible. The vulnerability came to light on Wednesday when South Korea's CERT issued an advisory warning that attack code was circulating in the wild that exploited the zeroday flaw.
Talos said the exploit is being distributed through a Microsoft Excel document that has a malicious Flash object embedded into it. Once the SWF object is triggered, it installs ROKRAT, a remote administration tool Talos has been tracking since January 2017. Until now, the group behind ROKRAT—which Talos calls Group 123—has relied on social engineering or exploits of older, previously known vulnerabilities that targets hadn't yet patched. This is the first time the group has used a zeroday exploit.
Cryptocurrency botnets are rendering some companies unable to operate
Like Zealot, Smominru uses other exploit techniques to infect targeted computers, but it can fall back on the NSA-developed EternalBlue in certain cases, presumably for spreading from machine to machine inside infected networks or when other infection techniques fail on a machine that hasn't been patched. Smominru also makes use of the Windows Management Interface. Proofpoint said that the botnet is also likely exacting a punishing performance impact on the business networks it infects by slowing down servers and driving up electricity costs.
6 important security takeaways from applying Spectre and Meltdown patches
A flurry of patching commenced across all industries once these vulnerabilities came to light due to the severity involved. Here are seven important lessons I took away from the process:]...
