Palo Alto Networks Unit 42 Vulnerability Research December 2016 Disclosures

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have reported six vulnerabilities that have been fixed by Apple, Adobe and Microsoft. This includes two vulnerabilities in Apple WebKit and impacts iCloud for Windows, Safari, iTunes for Windows, tvOS and iOS. CVE-2016-7639: Tongbo Luo CVE-2016-7642:

Palo Alto Networks Researcher Discovers Eight Critical Vulnerabilities in Adobe Flash Player

Palo Alto Networks was recently credited with the discovery of eight new vulnerabilities affecting Adobe Flash Player. Researcher Tao Yan discovered critical vulnerabilities CVE-2016-4182, CVE-2016-4237, CVE-2016-4238, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, and CVE-2016-4285 affecting Adobe Flash Player. Descriptions of each, as well as details on affected versions and products, are included in the following Adobe Security

New Attacks Linked to C0d0so0 Group

While recently researching unknown malware and attack campaigns using the AutoFocus threat intelligence platform, Unit 42 discovered new activity that appears related to an adversary group previously called “C0d0so0” or “Codoso”. This group is well known for a widely publicized attack involving the compromise of, in which the site was used to compromise selected

Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor

On July 16, 2015, the Palo Alto Networks Unit 42 threat intelligence team discovered a watering hole attack on the website of a well-known aerospace firm. The website was compromised to launch an apparent watering-hole attack against the company’s customers. It was hosting an Adobe Flash exploit targeting one of the newly disclosed vulnerabilities from

APT Group UPS Targets US Government with Hacking Team Flash Exploit

On July 8, 2015, Unit 42 used the AutoFocus Threat Intelligence service to locate and investigate activity consistent with a spear-phishing attack targeting the US Government. The attack exploited an Adobe Flash vulnerability that stems from the zero-day vulnerabilities exposed from this month’s Hacking Team data breach. The spear-phishing attack used a link to a

The Latest Flash UAF Vulnerabilities in Exploit Kits

Introduction: Recently, several popular exploit kits, including Angler, Flash EK, SweetOrange, Fiesta and Neutrino [1], have included several use-after-free (UAF) vulnerabilities in Adobe Flash to exploit victims’ browsers. Previously, these exploit kits typically used out-of-bounds access (OBA) vulnerabilities in Adobe Flash, as these types of vulnerabilities can be exploited universally and stably [2], and require less effort