Fancy Bear Hackers Race To Exploit Flash Bug Against The US And Europe

By   ISBuzz Team
Writer , Information Security Buzz | Oct 26, 2017 07:16 am PST

It has been reported that the Fancy Bear hackers are racing to exploit the recently announced Adobe Flash bug.

The hacking group are trying to exploit the flaw before patches are widely deployed. Chris Wysopal, CTO, CA Veracode commented below.

Chris Wysopal, CTO at CA Veracode:

“The current activity by the Fancy Bear hackers, as they race to exploit the recently-disclosed Adobe Flash bug before organisations issue the patch, highlights the opportunistic nature with which cybercriminals will exploit known vulnerabilities. Whenever there is a known vulnerability, it is a race between the attackers and defenders: for attackers to incorporate the new exploit into their attack toolkit and point it at their targets, and for defenders to update the vulnerable component and close the window of vulnerability. In this instance, Fancy Bear are banking on the fact that many businesses won’t be as quick off the mark to scan their applications as they are, leaving the back door wide open to these malicious actors.

“Struts-Shock,” a vulnerable Java component announced in March 2017 and widely used in applications, was another example of a newly disclosed vulnerability that was opportunistically exploited by cybercriminals to achieve several high-profile breaches. Perhaps most concerning, is that even in the weeks following the initial attacks, 68 percent of Java applications using the Apache Struts 2 library were still using the vulnerable version of the component. Organisations can’t take the same lethargic approach to patching this Adobe Flash bug as many took to Struts-Shock; Fancy Bear have already demonstrated that they’re checking whether you’ve got it – even if you’re not.

Digital disruption has led to a massive spike in the number of applications that businesses hold. With the application estate growing rapidly, it is too time consuming to rely on manual testing and patching each time a new vulnerable component is exposed. This is why an inventory of where vulnerable components lie and a highly automated process for updating is crucial for defenders.”


Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x