Skip to main content
  1. Home
  2. Computing
  3. News

Trend Micro finds Flash exploit utilized by Russian hackers in Pawn Storm attacks

Add as a preferred source on Google

An exploit in recent versions of Adobe Flash Player has been linked to recent cyber-attacks carried out by Russian hacker group Pawn Storm.

The group has become infamous for their high-profile attacks on targets like the German Parliament and French television network TV5Monde. The group is now targeting a global array of foreign affairs ministries, according to a report from security intelligence blog Trend Micro.

Recommended Videos

Pawn Storm is using methodology similar to that employed in cyber-attacks against the White House and NATO earlier in the year. The technique is known as spear phishing, which differs from standard phishing practices in that it targets specific individuals rather than broad swathes of users.

Emails with subject headings like ‘Syrian troops make gains as Putin defends air strikes’ and ‘Israel launches airstrikes on targets in Gaza’ were sent to targets with links purportedly leading to more information attached. These URLs would in fact lead to a platform for the Flash Player exploit to take hold.

It’s also thought that the group set up fake Outlook Web Access servers for several ministries that were targeted, which led to some credentials being stolen. Trend Micro suggests that one ministry found that its DNS settings for incoming email had been compromised as a result.

It’s worrying to see that a hacker group like Pawn Storm — also referred to as the Sofacy group and APT28 — is able to target ministries around the world with such success. However, it’s not surprising to see the organization’s reach, given the broadly held belief that the outfit maintains strong ties with the Russian government.

Trend Micro has shared its findings with Adobe, and at present the two companies are working on a method of fixing the exploit and ensuring that similar breaches don’t happen again in the future.

Brad Jones
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
ChatGPT will now remind teens to take breaks and give parents more controls
New parental controls include Quiet Hours, Study Mode defaults, and alerts for serious account violations.
chatgpt-teen-safety-features

OpenAI wants to make ChatGPT safer for teens, and the changes go well beyond a simple content filter. In a new update, the company laid out its stance on why teens should have access to AI in the first place, arguing that keeping them away from it entirely would leave them unprepared for one of the defining technologies of their generation.

Nearly 90% of teens already use ChatGPT weekly for learning, research, or getting organized, which is why OpenAI says access needs to come paired with real protections built for their age.

Read more
ChatGPT’s new search tool saves you from digging through old chats, files, and images
You can also filter ChatGPT search results by content type.
chatgpt-new-search

If you have ever lost a great ChatGPT answer somewhere in your endless chat history, that headache is finally over. OpenAI has rolled out a major search upgrade that lets you find old chats, projects, documents, and images all from one place.

Before this update, the sidebar search only pulled up past conversations, leaving uploaded files, projects, and generated images completely out of reach. The new search option is now available across web, iOS, and Android, on every ChatGPT plan, including free accounts.

Read more
You can now link your favorite apps to AI Mode in Google Search to get things done
AI Mode now works with Instacart, Canva, and YouTube Music inside Search.
google-search-ai-mode-connect-apps

Google is making AI Mode in Search more useful by letting you connect third-party apps. Starting this week in the US, you can securely connect some of your go-to apps directly to AI Mode, letting Search actually complete tasks for you instead of just answering questions.

This update builds on a similar trick Google already pulled off inside the Gemini app, and now it is landing in Search itself. The initial rollout includes three launch partners, Instacart, Canva, and YouTube Music, with Google saying more app integrations are on the way.

Read more