Another security story from The Register to start the week off:
Attackers have added a recent dangerous Adobe vulnerability to the Magnitude exploit kit, according to respected independent malware researcher "Kafeine". The remote code execution vulnerability (CVE-2015-3113) revealed last week allows attackers to hijack un-patched machines targeting Internet Explorer on Windows 7 and XP.
Web villains [sic] designated APT 3 by FireEye sleuths are already exploiting the flaw through phishing attacks. Now the researcher known as Kafeine says the vulnerability has been added to the Magnitude exploit kit in what is a significant elevation of risk for Flash users.
Kafeine says Magnitude attackers are using the exploit to drop the Cryptowall ransomware.
"CVE-2015-3113 has been spotted as a zero day by FireEye, exploited in limited targeted attacks. It's now making its path to exploit kits," he says.
Magnitude, said to generate as of August up to $US100,000 a month for its author, maintains about a third of the exploit kit market according to Trustwave. The researchers say the Magnitude author, thought to be a single Russian, could make up to $3 million a year.
(Score: 1, Funny) by Anonymous Coward on Monday June 29 2015, @04:44PM
PLASE INSTELL JAVA FLASH.NET TO USE WEBSITE OK :) :)