Adobe Flash is the hacker gift that keeps on giving
Adobe Flash only took one of the top 10 spots in most-exploited vulnerabilities in 2013. What a difference two years can make. In 2015, every single one of the top 10 vulnerabilities targeted by exploit kits was related to Flash. The number of publicized Flash vulnerabilities jumped by almost 312 percent over 2014 levels. Part of understanding how to protect yourself against Adobe vulnerabilities is understanding that hackers aren’t coming to attack your directly. They make you come to them.
“If I’m a hacker,” says Heimerl, “I’m going to figure out how to get you to come to me. I’m going to poison the search results. I’m going to attack your DNS server. I’m going to do anything I can do to get you to come to my site.” Once that happens, the hacker’s exploit kit will run a fully automated attack, install a “rat” on your local machine and then make its way from your machine into your corporate network. If you’re using Flash on your website, he suggests looking into alternatives like HTML6. If you’re an end user, think about just turning Adobe Flash off on your browser. It will probably impact your user experience far less than you might think.
Adobe Flash only took one of the top 10 spots in most-exploited vulnerabilities in 2013. What a difference two years can make. In 2015, every single one of the top 10 vulnerabilities targeted by exploit kits was related to Flash. The number of publicized Flash vulnerabilities jumped by almost 312 percent over 2014 levels. Part of understanding how to protect yourself against Adobe vulnerabilities is understanding that hackers aren’t coming to attack your directly. They make you come to them.
“If I’m a hacker,” says Heimerl, “I’m going to figure out how to get you to come to me. I’m going to poison the search results. I’m going to attack your DNS server. I’m going to do anything I can do to get you to come to my site.” Once that happens, the hacker’s exploit kit will run a fully automated attack, install a “rat” on your local machine and then make its way from your machine into your corporate network. If you’re using Flash on your website, he suggests looking into alternatives like HTML6. If you’re an end user, think about just turning Adobe Flash off on your browser. It will probably impact your user experience far less than you might think.
