In-brief: Trend Micro warned about targeted attacks on diplomatic missions that take advantage of a previously undiscovered hole in Adobe Flash.
The folks over at Trend Micro write today about a new round of attacks using a previously unknown (zero day) vulnerability in Adobe’s Flash technology. The new attacks appear to use malware laden phishing emails to target “foreign affairs ministries around the globe.”
From the article:
Trend Micro researchers have discovered that the attackers behind Pawn Storm are using a new Adobe Flash zero-day exploit in their latest campaign.
Pawn Storm is a long-running cyber-espionage campaign known for its high-profile targets and usage of the first Java zero-day we’ve seen in the last couple of years.We coordinated with Adobe in processing this finding. They have since released a security advisory assigned it with the identifier CVE-2015-7645 (and announced that the patch will be released on the week of October 19).
In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events, with the email subjects containing the following topics: