More bad news for Flash-dependent websites

More bad news for Flash-dependent websites

Recent threat analyses of more than 100 exploit kits and known vulnerabilities found Adobe Flash Player to be the most commonly exploited product.  According to the report by Recorded Future, that software provided eight of the top 10 vulnerabilities used by exploit kits in 2015.

The exploit kits represent malware software or crimeware as a service. Users pay per installation of the malware, and push the exploitations through compromised sites or malicious third-party advertising. When victims load the web page or follow a bad link, the exploit code is launched and possibly downloaded. 

Recorded Future analyzed 108 exploit kits from Jan. 1 to Sept. 30 of this year and found thousands of web references linking Adobe Flash Player vulnerabilities to an exploit kit. Angler was one of the most popular exploit kits, and the analysis of web sources highlighted Angler payloads like Cryptowall, AlphaCrypt, Necurs and Bedep malware.

The security concerns surrounding Flash are not new to government agencies, and influential web players like Amazon, Apple and Google Chrome have already stopped supporting certain Flash features. As GCN previously reported, however, Adobe Flash Player is still required by a surprising number of government web sites.

About the Author

Amanda Ziadeh is a former reporter/producer for GCN.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected