Adobe Flash Player Use After Free Remote Code Execution Vulnerability(CVE-2018-4878)

EXECUTIVE SUMMARY The 1st of February, Adobe published an advisory concerning a Flash vulnerability CVE-2018-4878. This vulnerability is a use after free that allows Remote Code Execute through a malformed Flash object. Additionally KISA Korean CERT published an advisory about a Flash 0-day used ...

Flash 0-Day In The Wild: Group 123 At The Controls

This blog post is authored by Warren Mercer and Paul Rascagneres. Executive Summary The 1st of February, Adobe published an advisory concerning a Flash vulnerability CVE-2018-4878. This vulnerability is a use after free that allows Remote Code Execute through a malformed Flash object. Additionall...

Beers with Talos EP 21: How to Hire the Best, Attribution Without Apaches is Useless

Beers with Talos BWT Podcast Episode 21 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP21 Show Notes: It is a packed episode this time! We are joined by Edmund from the Talos Outreach Grou...

Korea In The Crosshairs

This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An. A one year review of campaigns performed by an actor with multiple campaigns mainly linked to South Korean targets. Executive Summary This article exposes the malicious activities of Group 123...