Security News for 5th August 2015
Idappcom CSO says "No need to panic about latest Flash vulnerabilities"
Although there have been many new Flash vulnerabilities released by Adobe in the recent weeks, we haven't really seen evidence of a shift away from the delivery mechanisms being used to exploit them. We are not saying don't be vigilant and fully recommend downloading the latest version of Flash Player as soon as possible, but maybe we should not be going into such of a meltdown over this.
Of all the PoCs that idappcom have worked with recently, the Flash documents all show evidence of a different attack method being used against Flash, but the Internet browser delivery methods have been similar. We already have Snort rules in the library, going back over a year that will catch such anomalous behaviour within an Internet Browser, but the latest addition will help to further protect the network where Flash is currently widely used.