CVE-2015-0311

Published: 23/01/2015 Updated: 14/02/2015
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in Adobe Flash Player up to and including 13.0.0.262 and 14.x, 15.x, and 16.x up to and including 16.0.0.287 on Windows and OS X and up to and including 11.2.202.438 on Linux allows remote malicious users to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

Vulnerable Product

adobe flash_player

adobe flash_player 15.0.0.246

adobe flash_player 15.0.0.239

adobe flash_player 15.0.0.152

adobe flash_player 14.0.0.179

adobe flash_player 14.0.0.176

adobe flash_player 14.0.0.145

adobe flash_player 16.0.0.257

adobe flash_player 16.0.0.287

adobe flash_player 16.0.0.235

adobe flash_player 14.0.0.125

adobe flash_player 15.0.0.167

adobe flash_player 15.0.0.223

adobe flash_player 15.0.0.189

Vendor Advisories

Synopsis: Critical: flash-plugin security update. Type/Severity: Security Advisory: Critical. Topic: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical secur ...
Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015 ...

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  Rank = NormalRanking
  include Msf::Exploit::Powershell
  include Msf::Exploit::Remote::BrowserExploitServer
  def initialize(info={})
    super ...

This Metasploit module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress() a malformed byte stream. This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16 ...

Github Repositories

Reupload of an old Linux/Firefox port of an exploit for CVE-2015-0311 (Use-after-free in Adobe Flash Player) I created for educational purposes

Recent Articles

NINETY PER CENT of Java black hats migrate to footling Flash
The Register • Darren Pauli • 27 Apr 2015

Patch-or-die policy makes net scum move on to softer target

RSA 2015 Almost every Java-hacking black hat is now popping Adobe Flash, after Microsoft's hard-line patch policy made it harder to target software such as Java. The stricken scum now face a choice: work harder to find Java zero-days or abandon ship and start exploiting old Flash bugs. Redmond's security brains trust – Tim Rains, Matt Miller, and David Watson – say its patch wrecking ball, applied only to out-of-date Java installations last year, forced 90 per cent of that platform's hackers...

Fake Pirate Bay site pushes banking Trojan to WordPress users
The Register • John Leyden • 01 Apr 2015

Pirated pirate site springs 'You've been iFramed' drive-by surprise

Multiple WordPress sites are being redirected to a Pirate Bay copycat which in turn was being used to sling malware, anti-malware firm Malwarebytes warns. Several WordPress sites were injected with the same iframe over the last few days as part of an attack ultimately geared towards serving content from sites such as thepiratebay(dot)in(dot)ua. This is not the officially maintained Pirate Bay mirror site, but rather a clone set up through The Open Bay project by hackers rather than file sharers...

Gamers! Ransomware will scramble your save files unless you cough up $1,000
The Register • Iain Thomson in San Francisco • 13 Mar 2015

Actually, it's about ethics in data kidnapping

Researchers have spotted malware that targets gamers, and threatens to trash their in-game progress unless they pay up. The software nasty, dubbed Teslacrypt, works in the same way as traditional ransomware like Cryptolocker. It attempts to infect Windows PCs by exploiting a vulnerability in Adobe Flash (CVE-2015-0311) or Internet Explorer (CVE-2013-2551). A victim has to visit a booby-trapped website to get infected, although the malware backs off if it detects the presence of some antivirus pa...

Jamie Oliver serves up steaming pile of malware
The Register • Darren Pauli • 18 Feb 2015

Hacker recipe: a dash of Flash, a sprinkle of Silverlight, a pinch of Java and YOU'RE DONE

Tousle-haired celebrity chef Jamie Oliver has served up a stomach-churning exploit kit to those who visit his web site. His eponymous .com site, ranked 519 in the UK and drawing some 10 million visitors a month was compromised to plate-up the foul-tasting Fiesta exploit kit to compromise user machines. Malwarebytes senior researcher Jérôme Segura said crook cooks orchestrated a "carefully and well hidden" attack and hid an iframe URL with base-64 encoding. "The web masters will need to look fo...

Biter bitten as hacker leaks source code for popular exploit kit
The Register • Darren Pauli • 13 Feb 2015

There is no honour among thieves

A black hat trouble maker appears to have released recent source code for one of the most popular exploit kits, malware-probers say. The dump was posted online by a user known as (@EkMustDie) before it was removed. The leaker appears to have previously tried to sell access to the exploit kit. Independent malware investigators including UK hacker known as MalwareTech (@MalwareTechBlog) and French bod Kaffeine (@kafeine) discovered the source code being slung on HackForums by the apparent former r...

Attackers sling recent Flash 0day through 1800 domains
The Register • Darren Pauli • 04 Feb 2015

Nuke it from orbit. It's the only way to be sure

Some 1800 subdomains have been found slinging the Angler exploit kit using Adobe's most recent Flash zero day exploit, Cisco researcher Nick Biasini says. The lion's share of nasty subdomains were set up on 28 and 29 January and tied to about 50 GoDaddy registrant accounts. Biasini said the malvertising attacks used several layers of subdomains to avoid detection. "Researchers detected the new campaign when referencing a known hash that was delivering the recent Flash zero day (CVE-2015-0311)," ...

Another day, yet another emergency Adobe Flash patch. Because that's how we live now
The Register • Iain Thomson in San Francisco • 27 Jan 2015

Update your plugin now before someone pwns your PC

The new year hasn't been a pleasant one for Adobe: the Silicon Valley firm has scrambled to close yet more serious security holes in its Flash player. Last week the Photoshop biz rushed out a patch for a critical flaw in Flash that miscreants were exploiting in the wild to hijack victims' computers. Today, a new update has been pushed out to deal with two critical flaws: CVE-2015-0311 and CVE-2015-0312. The former was discovered by French malware researcher Kafeine, and the latter by someone cal...