The CVE-2018-4878 is a bug that allows remote code execution in Flash Player up to 28.0.0.137, spotted in the wild as a 0day, announced by the South-Korean CERT on the 31st of January. Patched on February 6, 2018 with ASPB18-03. Seen in malspam campaign two weeks after, it’s now beeing integrated in Exploit Kits. This […]
The CVE-2018-15982 is a bug that allows remote code execution in Flash Player up to 31.0.0.153, spotted in the wild as a 0day. Patched on December 05, 2018 with APSB18-42. Underminer: Underminer exploit kit improves in its latest iteration – 2018-12-21 – Malwarebytes Fallout: 2019-01-16 Figure 4: Fallout exploiting CVE-2018-15982 on Windows 7 – 2019-01-16 […]
Mobile app SDKs sport dodgy crypto defaults, set bad examples – updates available It has been revealed that Adobe’s Experience Platform mobile SDKs, used to create apps that interact with the company’s cloud services, until recently contained sample configuration files that created insecure default settings.… The Register – Security
Microsoft has announced that the new Microsoft Edge will follow the same Adobe Flash retirement roadmap as Chrome and other chromium-based browsers. […] BleepingComputer