Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.


Adobe tagged in these posts

Four Adobe Flash 0-days In Three Weeks - Patches Now Available

Posted: 14 Jul 2015 07:45 AM | Carl Leonard | no comments


Following on from the revelation of a 0-day in Adobe Flash in June 2015 (CVE-2015-3113, since patched), 3 further 0-days have been discovered in the last 3 weeks. The 3 have references CVE-2015-5119, CVE-2015-5122, and CVE-2015-5123. The knowledge of the 0-day Proof of Concept code arose from analysis...


Adobe Flash Player 0-day Abused In The Wild (CVE-2015-3113), Our Customers Protected

Posted: 24 Jun 2015 08:20 AM | Carl Leonard | no comments


Websense® Security Labs™ researchers are aware of a vulnerability within Adobe Flash Player, CVE-2015-3113. Exploitation of the vulnerability leads to a buffer overflow which can be abused by a malware author to execute arbitrary code on the compromised machine. Adobe have deemed this vulnerability...


Flash forward – Angler, here we come

Posted: 27 Jan 2015 02:40 AM | Tamas Rudnai | no comments


As mentioned in the post, “Happy Nucl(y)ear - Evolution of an Exploit Kit”, we were planning to discuss the Angler exploit kit in detail in an upcoming post. However, the exploitation of a critical Adobe Flash 0-day vulnerability (CVE-2015-0311, patched) via the Angler exploit kit has fast-tracked our efforts, and in this blog we present the strategy adopted by the exploit kit to evade detection of the 0-day by security scanners. 0-days are valuable commodities, and the longer they remain undiscovered, the more value they yield for the attacker(s).

Just as defense-in-depth is used as a strategy in the protection scenario, layered obfuscation is its equivalent in the evasion scenario. The attacker is interested in adopting a defense-in-depth approach to protect his / her investment and get the most ROI from exploits. A parallel in the physical world is a medieval castle, which was protected by a multiple-wall system, so even when the external wall had been taken down by catapults, the so-called inner castle was still standing strong.

...


Flash 0-day being distributed by Angler Exploit Kit

Posted: 22 Jan 2015 04:41 AM | ngriffin | no comments


Websense is aware of a new zero-day vulnerability in Adobe Flash Player, which has been seen exploited in-the-wild by the Angler Exploit Kit. The exploit, as reported by security researcher Kafeine, is known to affect the latest 16.0.0.287 version of Flash Player and has been seen dropping a trojan...


Adobe Reader and Acrobat Vulnerability (CVE-2011-2462)

Posted: 07 Dec 2011 07:39 PM | Chris Astacio | no comments


Yesterday, Adobe released a Security Advisory warning about a vulnerability in Adobe Reader and Acrobat. Adobe rated this vulnerability "critical," because it may allow an attacker to execute code remotely and take control of an affected system. Adobe is currently working on a fix and planning...


Microsoft patches 15 important vulnerabilities

Posted: 15 Sep 2011 02:45 PM | Tamas Rudnai | no comments


This month, Microsoft issued 5 security bulletins covering 15 vulnerabilities in Excel and Windows. These updates are considered important rather than critical, as by the time of the patch there was no malicious code exploiting the vulnerabilities in the wild. Adobe also released a security bulletin patching 13 vulnerabilities in Acrobat Reader. Websense® Security Labs highly recommends applying the updates in order to avoid cyber criminals who may use these security holes for their malicious activities.

...


One more Adobe 0-day vulnerability using Office files

Posted: 11 Apr 2011 04:44 PM | Patrik Runald | no comments


Today Adobe announced a new 0-day vulnerability (CVE-2011-0611) in Adobe Flash Player and Adobe Acrobat that, similar to the previous 0-day from less than a month ago, was found embedded in a Microsoft Office file. The vulnerability allows an attacker to execute malicious code on a computer and has been...
