To organisations that are still using Flash, beware: there is a zero-day cybersecurity vulnerability that hackers are rushing to exploit while they still can.
The vulnerability was discovered by Kaspersky Lab researchers last Monday. It allows code execution on Windows, Chrome OS, Mac, and even Linux. Attackers could potentially use this flaw to install malware for eavesdropping on video and voice communications, snooping on text chats, and stealing files.
APT28, also known as Fancy Bear, a Russian group of hackers, is already targeting government offices in both Europe and the US, but private businesses, like the ones in the aerospace industry, are by no means an exception.
The campaign is rather widespread, which suggests the hacking group wants to get as much as possible out of the exploit before organisations start to catch on. If you’ve received a document titled “World War 3.docx”, beware! This document is a decoy for the malicious code.
According to the researchers, APT28 is moving quickly to exploit this cybersecurity vulnerability before the patch is widely deployed. The available data suggests that Flash is still installed on a high percentage of systems. Since all major operating systems are affected by this vulnerability, it is of utmost importance that both organisations and end users apply the update as soon as they can.
Researchers at Proofpoint have also warned that other actors may be looking for an opportunity to take advantage of this threat while that is still an option.