Adobe 0 Day
An unconfirmed Adobe Flash Player zero-day vulnerability was discovered yesterday by security researcher Kafeine. The zero-day is reported to affect the latest versions of Adobe Flash Player and has been seen in some versions of the Angler exploit kit. Initial reports indicate that Internet Explorer versions 6 to 10 running on Windows XP, Windows 7, and Windows 8 are affected. Fully patched versions of Windows 8.1 and Google Chrome browsers appear to be unaffected.
Symantec regards this vulnerability as critical because Adobe Flash Player is widely used and the flaw allows an attacker to effectively compromise a host, which then allows for the unauthorized installation of malware.
Symantec and Norton Products have the following detections in place to protect against instances of the Angler exploit kit attempting to use this unconfirmed vulnerability:
Antivirus
Trojan.Swifi
Intrusion prevention system
Web Attack: Angler Exploit Kit Website 15
Web Attack: Angler Exploit Kit Website 6
More information is available at the following URL:
https://www-secure.symantec.com/connect/blogs/unconfirmed-zero-day-vulnerability-discovered-adobe-flash-player
Continued trend in cases for CTB-Locker and other Crypto threats
Symantec Support has seen an influx in call volume for various crypto-malware threats; particularly but not limited to the CTB-Locker threat. Symantec Security Response has posted a blog providing details that will be helpful to understand what is being seen in the field.
S.R.L. blog here:
https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware