Adobe is working on a new piece of software that would act like a Photoshop for audio, according to Adobe developer, who spoke at the Adobe MAX conference in San Diego, California. The software is codenamed Project VoCo, and it’s not clear at this time when it will materialize as a commercial product.
The standout feature is the ability to add words not originally found in the audio file. An Adobe representative confirmed the project’s existence, clarifying that it was shown off as part of a sneak-peek program at the MAX conference. The project is currently in development as part of a collaboration between members of Adobe Research and Princeton University.Read more
Attackers are exploiting a critical vulnerability in Adobe's widely used Flash Player, and Adobe says it won't have a patch ready until later this week.
The active zero-day exploit works against the most recent Flash version and was detected earlier this month by researchers from antivirus provider Kaspersky Lab. It's being carried out by "ScarCruft," the name Kaspersky has given to a relatively new hacking group engaged in "advanced persistent threat" campaigns that target companies and organizations for high-value information and data. ScarCruft is a relatively new APT group, victims have been observed in several countries.Read more
The latest zero-day vulnerability in Adobe Systems' Flash player has been used over the past two weeks to distribute ransomware called Cerber, email security vendor Proofpoint said. The vulnerability affects all versions of Flash Player on Windows, Mac, Linux and Chrome OS.
Ryan Kalember, senior vice president of cybersecurity at Proofpoint, said his company detected an attack trying to exploit the flaw. One of Proofpoint's customers received an email with a document that contained a malicious macro that led victims through a series of redirects that eventually reached an exploit kit.Read more
Adobe is finally ready to say goodbye to Flash. In an announcement last night, Adobe said that it will now "encourage content creators to build with new web standards," such as HTML5, rather than Flash.
It's also beginning to deprecate the Flash name by renaming its animation app to Animate CC, away from Flash Professional CC. Flash has been slowly dying over the past decade, in part due to an absence of support on smartphones and in part because it's kind of become a scourge of the internet. Though Flash initially had great success as a tool for creating web games and animations, it has a number of downsides that have stood out more and more each year.Read more
A day after releasing its monthly security update, Adobe confirmed it has discovered a new vulnerability in Flash Player that affects every version running on the Windows, Macintosh and Linux operating systems.
Adobe said that it will issue an out-of-cycle security update next week to address the software plug-in's vulnerability, which it warned could crash and potentially allow an attacker to take control of the affected system. The bug was discovered earlier this week by researchers at Trend Micro. The San Jose, California-based software maker did not immediately respond to a request for more information on the vulnerability.Read more
The mob is turning against Flash. Mozilla has blocked every version of Adobe’s Flash plugin from running within its Firefox browser, while Facebook’s head of security has called for Adobe to kill it off.
The moves come following a series of vulnerabilities in Flash being actively exploited, including those exposed by the Hacking Team compromise. Firefox users seeking to view Flash-based content, such as videos, adverts or more complex web tools for uploading images and other actions, will need to click again and accept a warning that “Flash is known to be vulnerable. Use with caution”. That means users of Firefox cannot use Flash by default.Read more
Spyware company Hacking Team was compromised earlier this week, leading to 400GB of internal and files, source code, and emails being made available on torrent sites for anyone to download.
While there’s some embarrassing communications contained within the leak, some serious software flaws have also been discovered. Some source code contained within the leak includes software vulnerabilities that are being exploited by Hacking Team to break into PCs. Two unpatched vulnerabilities have been discovered, affecting Adobe’s Flash software and Microsoft’s Windows operating system.Read more
Researchers have found a new zero-day exploit in Adobe Flash used in malvertising attacks. The exploit affects the most recent version of Adobe Flash.
The initial analysis suggests that this might have been executed through the use of the Angler Exploit Kit, due to similarities in obfuscation techniques and infection chains. The infection happens automatically, since advertisements are designed to load once a user visits a site. Most of the users who accessed the malicious server related to the attack are from the USA. This post serves to warn end-users and enterprises of the severity of this threat.Read more
Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine has shared on Tuesday. The integer overflow vulnerability in question can allow attackers to execute arbitrary code via unspecified vectors, and is deemed critical.
Initial information about it has been shared with Adobe via HP's Zero Day Initiative. Researchers are admittedly worried about the short period of time that passed between is patching and the exploit surfacing in the Fiesta and Angler exploit kits. As Kafeine notes, it's technically possible that the exploit was included in the kits even before the patch was available.Read more
YouTube has become a daily habit for millions all over the world, but it looks like there has been some malicious activity on the website -- which may have affected more than 100,000 users over a 30 day period.
According to Trend Micro, they have been monitoring the activity on YouTube over the past couple of months and have found that the attack comes in the form of ads that are present on the site. While the ads themselves have no malicious content, the issue seems to occur when the ad is clicked. Although these ads should be monitored and screened by YouTube, some have seemed to slip through the cracks, redirecting to malicious websites that could cause infections.Read more