{"id":8738,"date":"2015-11-09T10:37:45","date_gmt":"2015-11-09T14:37:45","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8738"},"modified":"2015-11-09T10:37:45","modified_gmt":"2015-11-09T14:37:45","slug":"surprise-adobes-flash-is-a-favorite-hacking-target-by-far","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/09\/surprise-adobes-flash-is-a-favorite-hacking-target-by-far\/","title":{"rendered":"Surprise: Adobe&#8217;s Flash is a favorite hacking target by far"},"content":{"rendered":"<p><a href=\"http:\/\/www.pcworld.com\/author\/Jeremy-Kirk\/\" target=\"_blank\" rel=\"author\">Jeremy Kirk<\/a> | <a href=\"http:\/\/www.pcworld.com\/article\/3002671\/business-security\/no-surprise-here-adobes-flash-is-a-hackers-favorite-target.html\" target=\"_blank\">PCWorld<\/a><\/p>\n<section class=\"page\">Adobe Systems\u2019 Flash plugin gets no love from anyone in the security field these days. A <a href=\"https:\/\/www.recordedfuture.com\/top-vulnerabilities-2015\/\">new study<\/a> released Monday shows just how much it is favored by cybercriminals to sneak their malware onto computers.It looked at more than 100 exploit kits, which are frameworks planted in Web pages that automatically probe for software vulnerabilities when a user browses to a page.Those who develop exploit kits are often hired by others to help distribute specific kinds of malware.<\/p>\n<p>Of the top 10 vulnerabilities found in the exploit kits, eight of them were targeted at Adobe\u2019s Flash plugin, used on millions of computers to play multimedia content, according to <a href=\"https:\/\/www.recordedfuture.com\/\" target=\"_blank\">Recorded Future<\/a>,\u00a0a cybersecurity intelligence firm based in Somerville, Massachusetts.<\/p>\n<p>To arrive at its conclusions, Recorded Future looked at software vulnerabilities known to be used in popular exploit kits such as Angler, Neutrino and Nuclear Pack as well as in cybercrime forums between January and September.<\/p>\n<p>Echoing the conclusion of many other security experts, Recorded Future said the findings call\u00a0\u201cinto question Flash\u2019s place in a secure operating environment.\u201d<\/p>\n<p>\u201cWhile the role of Adobe Flash vulnerabilities as a regular in-road for criminals and malware should come as no surprise to information security professionals, the scale is significant,\u201d the report said.<\/p>\n<p>Adobe has been working for years to make Flash more secure through code reviews, but it has proven to be a mighty task for an application that\u2019s nearly two decades old.<\/p>\n<p>Monthly patches are almost always released by Adobe, and emergency patches come out for zero-day flaws that cybercriminals are actively using.<\/p>\n<p>Apple founder Steve Jobs famously forbid the iPhone from running Flash. This year, other companies have taken steps to reduce the risk of zero-day Flash flaws.<\/p>\n<p>Facebook\u2019s CSO, Alex Stamos, <a href=\"https:\/\/twitter.com\/alexstamos\/status\/620306643360706561?lang=en\" target=\"_blank\">wrote on Twitter<\/a> in July that it\u2019s\u00a0\u201ctime for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.\u201d<\/p>\n<p>In September, <a href=\"http:\/\/www.computerworld.com\/article\/2977088\/security\/google-to-freeze-some-adobe-flash-content-starting-sept-1.html\" target=\"_blank\">Google <\/a>stopped\u00a0automatically playing some extraneous Flash content on Web pages. The move was aimed at improving performance in the Chrome browser, but it also has security benefits.<\/p>\n<p>Perhaps the most humorous campaign against the application is the <a href=\"http:\/\/occupyflash.org\/\" target=\"_blank\">\u201dOccupy Flash\u201d<\/a> movement. The group advocates moving everything to HTML5, the latest specification of the Web\u2019s vernacular that has a host of multimedia capabilities.<\/p>\n<p>Occupy Flash\u2019s manifesto reads in part:\u00a0\u201cIt\u2019s time has passed. It\u2019s buggy. It crashes a lot. It\u2019s a fossil, left over from the era of closed standards and unilateral corporate control of web technology.\u201d<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>Jeremy Kirk | PCWorld Adobe Systems\u2019 Flash plugin gets no love from anyone in the security field these days. A [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,9],"tags":[45,455,1177],"class_list":["post-8738","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-adobe-flash","tag-hacking","tag-vulnerabilities"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-2gW","jetpack-related-posts":[{"id":8465,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/07\/13\/hacking-teams-arsenal-included-at-least-three-unpatched-exploits-for-flash-player\/","url_meta":{"origin":8738,"position":0},"title":"Hacking Team&#8217;s arsenal included at least three unpatched exploits for Flash Player","author":"NCCT","date":"July 13, 2015","format":false,"excerpt":"Recently breached surveillance software maker, Hacking Team, had access to three different exploits for previously unknown vulnerabilities in Flash Player. All of them are now out in the open, putting Internet users at risk. Milan-based Hacking Team develops and sells surveillance software to government agencies from around the world. On\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7570,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/05\/malicious-advertisements-on-major-sites-compromised-many-many-pcs\/","url_meta":{"origin":8738,"position":1},"title":"Malicious advertisements on major sites compromised many, many PCs","author":"NCCT","date":"February 5, 2015","format":false,"excerpt":"Attackers who have slipped malicious advertisements onto major websites over the last month have potentially compromised large numbers of computers. Several security vendors have documented attacks involving malicious advertisements, which automatically redirect victims to other websites or pages that silently attack their computer and install malware. \u201cWe certainly see malvertising\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5916,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/08\/attack-on-dailymotion-redirected-visitors-to-exploits\/","url_meta":{"origin":8738,"position":2},"title":"Attack on Dailymotion redirected visitors to exploits","author":"NCCT","date":"July 8, 2014","format":false,"excerpt":"Attackers injected malicious code into Dailymotion.com, a popular video sharing website, and redirected visitors to Web-based exploits that installed malware. The rogue code consisted of an iframe that appeared on Dailymotion on June 28, researchers from security vendor Symantec said Thursday in a blog post. The iframe redirected browsers to\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5710,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/10\/microsoft-pushes-out-massive-security-update-for-internet-explorer\/","url_meta":{"origin":8738,"position":3},"title":"Microsoft pushes out massive security update for Internet Explorer","author":"NCCT","date":"June 10, 2014","format":false,"excerpt":"Microsoft pushes out massive security update for Internet Explorer Six down, six to go. Today is the Microsoft Patch Tuesday for June, and it comes with seven new security bulletins. The good news is that five of the seven are only rated as Important, but one of the two Critical\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8135,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/27\/just-released-wordpress-0day-makes-it-easy-to-hijack-millions-of-websites-updated\/","url_meta":{"origin":8738,"position":4},"title":"Just-released WordPress 0day makes it easy to hijack millions of websites [Updated]","author":"NCCT","date":"April 27, 2015","format":false,"excerpt":"Our blog was not affected...NCCT Update: About two hours after this post went live, WordPress released a critical security update that fixes the 0day vulnerability described below. The WordPress content management system used by millions of websites is vulnerable to two newly discovered threats that allow attackers to take full\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/OCqQZJZ1Ie4\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":8767,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/07\/security-vulnerabilities-found-in-support-software-from-lenovo-toshiba-and-dell\/","url_meta":{"origin":8738,"position":5},"title":"Security vulnerabilities found in support software from Lenovo, Toshiba, and Dell","author":"NCCT","date":"December 7, 2015","format":false,"excerpt":"By Lucian Constantin | PCWorld The number of vulnerabilities discovered in technical support applications installed on PCs by manufacturers keeps piling up. New exploits have been published for flaws in Lenovo Solution Center, Toshiba Service Station and Dell System Detect.The most serious flaws appear to be in Lenovo Solution Center\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8738","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8738"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8738\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8738"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8738"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}