The Latest in IT Security

Blackhole’s Lesser Known Exploit

02
Apr
2012

Although Blackhole has been investigated and dissected multiple times, there are still some surprises that emerge. One thing we just discovered is an exploit for CVE-2011-0559, which is one of the two Flash exploits being used by Blackhole currently.

Flash code

Compared to other exploits, this one has been used by Blackhole for quite some time and yet. the coverage using different security products is very low.

VirusTotal results

With very low antivirus coverage, no Metasploit module, and PoCs being extremely difficult to find, this increases the chances of exploitation. Blackhole targets to exploit Adobe Flash 10.0 and earlier versions, 10.1, and 10.0.x (where x is later than 40). The vulnerability has been patched since March 2011. Detection has been added to F-Secure Anti-Virus as Exploit:W32/CVE-2011-0559.A.

Blackhole never ceases to surprise.

Threat Insight Post by – Karmina and Timo

Leave a reply


Categories

THURSDAY, OCTOBER 18, 2018
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks