SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#Flash Player
27 Feb 2018

North Korea's Flash Player flaw now exploited by cybercriminals

The flaw in question, CVE-2018-4878, is a use-after-free bug that Adobe patched on February 6, following reports that North Korean hackers had been exploiting the vulnerability in attacks aimed at South Korea.

The threat group, tracked as APT37, Reaper, Group123 and ScarCruft, has been expanding the scope and sophistication of its campaigns. After Adobe patched the security hole, which allows remote code execution, other malicious actors started looking into ways to exploit CVE-2018-4878. Morphisec said it spotted a campaign on February 22, which had been using a version of the exploit similar to the one developed by APT37. 

Read more
Tags:
Flash Player hackers
Source:
SecurityWeek
1568
4 Aug 2017

Android malware: invisible man poses as Flash, steals sensitive information

Android users need to be on the lookout yet again for a new type of malware targeting the mobile devices. The latest attack poses as an update to Flash and targets banking information and credit card details of its victims.

The attack, discovered by security researchers at SophosLabs, has been identified as Andr/Banker-GUA or Invisible Man —a variant of a well-known banking malware known as Svpeng that previously ran amok on Android devices. The modified version of the trojan originally developed by Russian hackers has an additional threat that was absent in the original: a keylogger that keeps track of everything a victim types on their infected devices.

Read more
Tags:
Android hackers information leaks Flash Player
Source:
IBTimes
1570
3 Nov 2016

Android trojan posing as Flash Player targets over 90 major banks

A new Android banking Trojan, which masquerades as a Flash Player app, targeting customers of at least 90 major banks across the US and Europe has been uncovered. The malware can be considered to be highly advanced and dangerous, especially given its ability to bypass SMS-based two-factor authentication.

Some of the banking apps targeted by the malware include Deutsche Bank, Santander, American Express, Coinbase, Credit Karma, Paypal and Wells Fargo, among others. This banking malware can steal login credentials from 94 different mobile banking apps. The banking Trojan also comes with the ability to target some of the more popular social media apps.

Read more
Tags:
information leaks Android Flash Player
Source:
IBTimes
1812
1 Aug 2016

Firefox will dump Adobe’s Flash in August

Adobe’s Flash technology is on its way out of the Firefox internet browser. In August, Mozilla Corp., maker of the browser, will begin defaulting to HTML 5 instead of Flash for video, online animations, games and other rich media.

If users run into a website where there is no non-Flash option available, Firefox will still render that site in Flash. But next year, Firefox will ask for permission before it renders any sites in Flash or Microsoft Corp.’s Silverlight, a rich-media technology similar to Flash. Web browser plugins, such as Flash and Silverlight, “often introduce stability, performance, and security issues for browsers,” said Benjamin Smedberg, a manager of Firefox quality engineering, in a blog post.

Read more
Tags:
Firefox data protection Mozilla Flash Player
Source:
The Wall Street Journal
1932
16 Jun 2016

Critical Adobe Flash bug under active attack currently has no patch

Attackers are exploiting a critical vulnerability in Adobe's widely used Flash Player, and Adobe says it won't have a patch ready until later this week.

The active zero-day exploit works against the most recent Flash version and was detected earlier this month by researchers from antivirus provider Kaspersky Lab. It's being carried out by "ScarCruft," the name Kaspersky has given to a relatively new hacking group engaged in "advanced persistent threat" campaigns that target companies and organizations for high-value information and data. ScarCruft is a relatively new APT group, victims have been observed in several countries.

Read more
Tags:
Adobe information leaks Flash Player
Source:
Ars Technica
2131
26 May 2016

Three exploit kits spreading attacks for recent Flash Player zero day

Exploits for the most recent Adobe Flash Player zero-day vulnerability have been integrated into the Angler, Neutrino and Magnitude exploit kits, and are leading compromised computers to different ransomware strains, banking malware, and a credential-stealing Trojan.

A French researcher who goes by the handle Kafeine told that Neutrino has embedded a working exploit for vulnerability while Magnitude has not fully implemented the exploit. Kafeine this morning also confirmed that the Angler Exploit Kit has now integrated the same Flash zero day exploit. The Angler exploits, however, are dropping the Dridex banking Trojan.

Read more
Tags:
information leaks Flash Player
Source:
Threatpost
1902
12 Apr 2016

The latest Flash zero-day was used to spread Cerber ransomware

The latest zero-day vulnerability in Adobe Systems' Flash player has been used over the past two weeks to distribute ransomware called Cerber, email security vendor Proofpoint said. The vulnerability affects all versions of Flash Player on Windows, Mac, Linux and Chrome OS.

Ryan Kalember, senior vice president of cybersecurity at Proofpoint, said his company detected an attack trying to exploit the flaw. One of Proofpoint's customers received an email with a document that contained a malicious macro that led victims through a series of redirects that eventually reached an exploit kit.

Read more
Tags:
Adobe information leaks Flash Player
Source:
Computerworld
1774
11 Mar 2016

Android banking trojan masquerades as Flash Player

A new Android trojan that's being detected is targeting users for the purpose of stealing their banking and Google account credentials. Security researchers say that the trojan is distributed via websites that advertise a Flash Player for Android devices.

Adobe officially stopped developing a Flash client for Android in 2012, so this is an obvious trick to fool users into installing a dangerous APK on their system. Once downloaded and the installation process started, the trojan will ask for admin rights. Giving it admin rights not only makes it much harder to remove later on but it also grants the trojan the access needed to carry out its attacks undisturbed.

Read more
Tags:
Android information leaks Flash Player
Source:
Softpedia
2318
3 Dec 2015

Adobe is telling people to stop using Flash

Adobe is finally ready to say goodbye to Flash. In an announcement last night, Adobe said that it will now "encourage content creators to build with new web standards," such as HTML5, rather than Flash.

It's also beginning to deprecate the Flash name by renaming its animation app to Animate CC, away from Flash Professional CC. Flash has been slowly dying over the past decade, in part due to an absence of support on smartphones and in part because it's kind of become a scourge of the internet. Though Flash initially had great success as a tool for creating web games and animations, it has a number of downsides that have stood out more and more each year.

Read more
Tags:
Adobe information leaks Flash Player
Source:
The Verge
1735
16 Oct 2015

Another security flaw affects all versions of Adobe Flash

A day after releasing its monthly security update, Adobe confirmed it has discovered a new vulnerability in Flash Player that affects every version running on the Windows, Macintosh and Linux operating systems.

Adobe said that it will issue an out-of-cycle security update next week to address the software plug-in's vulnerability, which it warned could crash and potentially allow an attacker to take control of the affected system. The bug was discovered earlier this week by researchers at Trend Micro. The San Jose, California-based software maker did not immediately respond to a request for more information on the vulnerability.

Read more
Tags:
Adobe information leaks Flash Player
Source:
CNet
2133
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
First page Previous
1 2
Next Last page
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015