Adobe today released a second security update for its Adobe Flash Player software on both Mac and Windows, addressing a threat that could allow an attacker to take control of an affected system, executing malicious code. The vulnerability (CVE–2014–0502) allowed attackers to compromise at least three nonprofit organizations according to security firm FireEye (via ArsTechnica).This threat actor clearly seeks out and compromises websites of organizations related to international security policy, defense topics, and other non-profit sociocultural issues. The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically.Today's update follows a critical security update that was released just over two weeks ago, fixing the same zero-day vulnerability giving hackers complete control over compromised systems.
This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term.
The vulnerability affects all Macs with Adobe Flash Player versions before 12.0.0.70 and Adobe recommends all users update their products to the latest of Flash. Adobe maintains a site where users can check the version of Flash installed and the up-to-date Flash software can be downloaded from Adobe's website.
125 comments
Apple this week began stocking a new 4K 23.7-inch LG UltraFine Display, which replaces the original 21.5-inch 4K LG UltraFine Display that was pulled from retail stores and the online Apple Store...
Ahead of the 2019 Worldwide Developers Conference, which kicks off on Monday, June 3 with a keynote event, Apple has updated its official WWDC app for iOS devices.
There have been no design...
Apple today quietly released an updated version of macOS Mojave 10.14.5, which is designed for 15-inch MacBook Pro models that feature a T2 security chip, aka the 2018 and 2019 machines.
The new...
Apple today sent out media invites for the keynote event of its 30th annual Worldwide Developers Conference, which takes place at 10:00 a.m. Pacific Time at the McEnery Convention Center in San Jose,...
The UK's competition watchdog today announced that Apple has formally agreed to be "clearer and more upfront with iPhone users" about battery health and performance to ensure compliance...
The FTC today won its antitrust lawsuit against Qualcomm over the chipmaker's anticompetitive business practices.
As first reported by legal expert Florian Mueller on his blog FOSS...
Safari on iOS has a surprising number of hidden tricks, letting you manipulate tabs, conduct page-specific searches, and more, and not all of these features are immediately obvious due to the...
Cannes Lions today announced that Apple has been named the Creative Marketer of the Year, marking the first time the Cupertino company has won the award.
Apple was named the Creative Marketer of...
