According to Internet security research firm FireEye, they have a new security exploit found in Adobe Flash. Last week, we reported that FireEye uncovered an Internet Explorer 10 vulnerability that was used to target a site for an organization that helps assists U.S. military veterans. FireEye is dubbing these attacks “Operation GreedyWonk.”
Visitors of the websites for the Peter G. Peterson Institute for International Economics, the American Research Center in Egypt, as well as the Smith Richardson Foundation “were redirected to an exploit server hosting this Flash zero-day through a hidden iframe,” according to FireEye.
Here’s what FireEye had to say about those behind Operation GreedyWonk:
“The group behind this campaign appears to have sufficient resources (such as access to zero-day exploits) and a determination to infect visitors to foreign and public policy websites. The threat actors likely sought to infect users to these sites for follow-on data theft, including information related to defense and public policy matters.”
FireEye recommends that to reduce your risk of falling prey to this threat, you should upgrade your OS from Windows XP, update Java and update Microsoft Office to the latest versions.
FireEye is working closely with Adobe on this matter, which has released a security bulletin of their own. You can check it out here.
What do you think? Sound off in the comments below.
- Adult content domains are home to half the sites using cryptomining malware
- Google found another critical security flaw in Microsoft Edge
- How Google’s ‘Project Zero’ task force races hackers to snuff out bugs
- AMD is working on fixes for the reported Ryzenfall, MasterKey vulnerabilities
- Cryptojacking turns your PC into a Bitcoin mine, but you won’t see a cent