Less than three weeks ago, Adobe released a critical security update for its Flash Player plug-in fixing an exploit that allowed machines to be accessed remotely by attackers.
Yet another security update is out today (and strongly recommended). The new build (Version 188.8.131.52) intends to address a vulnerability that allowed attackers to target at least three nonprofit websites according to security firm FireEye and reported by ArsTechnica…
This threat actor clearly seeks out and compromises websites of organizations related to international security policy, defense topics, and other non-profit sociocultural issues. The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically.
This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term.