Charles Leaver – If You Continue To Use Adobe Flash You Will Get Hacked

Written By Dr Al Hartmann And Presented By Charles Leaver Ziften CEO

 

Get Tough or Get Attacked.

Highly experienced and skilled cyber attack teams have targeted and are targeting your
organization. Your large endpoint population is the most common point of entry for competent
attack groups. These enterprise endpoints number in the thousands, are loosely managed, laxly
configured, and rife with vulnerability exposures, and are operated by partially trained,
credulous users – the ideal target-rich opportunity. Mikko Hypponen, chief research officer
at F-Secure, often says at industry symposia: “How many of the Fortune 500 are hacked
today? The response: 500.”

And how long did it take to penetrate your organization? White hat hackers performing
penetration testing or red team exercises typically compromise target enterprises within the
first couple of hours, even though they are ethically and legally constrained in their methods.
Black hat or state-sponsored hackers may achieve penetration even more quickly and maintain
their presence indefinitely. Given typical attacker dwell times measured in hundreds of days,
the time-to-penetration is negligible, not an impediment.

Exploit Kits

The industrialization of hacking has created a black market for attack tools, including a
range of software for identifying and exploiting client endpoint vulnerabilities. These exploit
kits are marketed to cyber attackers on the dark web, with many exploit kit families and
vendors. An exploit kit operates by assessing the software configuration on the endpoint,
identifying exposed vulnerabilities, and applying an exploit to a vulnerability exposure.

A relative handful of commonly deployed endpoint software products accounts for the bulk of the
vulnerabilities that exploit kits target. This results from the sad fact that complex software
applications tend to exhibit a continual stream of vulnerabilities that leave them continually
exposed. Each patch release cycle, exploit kit developers download the latest security patches,
reverse engineer them to discover the underlying vulnerabilities, and update their exploit
kits. This is often done faster than enterprises apply patches, with some vulnerabilities
remaining unpatched and ripe for exploitation even years after a patch is released.

Adobe Flash

Before the widespread adoption of HTML5, Adobe Flash was the most commonly used software for
rich Internet content. Even with increasing adoption of HTML5, legacy Adobe Flash retains a
significant following, maintaining its long-held position as the darling of exploit kit
authors. A recent study by Digital Shadows, In the Business of Exploitation, is instructive:

This report evaluates 22 exploitation kits to comprehend the most regularly exploited software.
We tried to find patterns within the exploitation of vulnerabilities by these 22 sets to reveal
what vulnerabilities had actually been exploited most commonly, paired with how active each
exploitation kit was, in order to inform our evaluation.

The vulnerabilities exploited by all 22 exploit packages showed that Adobe Flash Player was
likely to be the most targeted software, with 27 of the seventy-six determined vulnerabilities
exploited relating to this software application.

With relative regularity, dozens of new vulnerabilities are disclosed in Adobe Flash each month.
To exploit kit developers, it is the gift that keeps on giving.

The industry is learning its lesson and moving beyond Flash for rich web content. For
example, a Yahoo senior developer blogging recently in Streaming Media noted:

“Adobe Flash, in the past the de-facto requirement for media playback online, has lost favor
in the industry due to increasing issues over security and performance. At the same time,
needing a plugin for video playback in browsers is losing favor amongst users as well. As a
result, the market is moving toward HTML5 for video playback.”

Amit Jain, Sep 21, 2016

Eradicating Adobe Flash

One step enterprises can take now to harden their endpoint configurations is to eliminate
Adobe Flash as a matter of enterprise security policy. This will not be an easy task and it may
be painful, but it will help reduce your enterprise attack surface. It involves blacklisting
Adobe Flash Player and enforcing browser security settings that disable Flash content. If done
correctly, this is what users will see where Flash content appears on a legacy website:

[Image: refuse-flash-player-message]

This message confirms two facts:

1. Your system is correctly configured to refuse Flash content.

Congratulate yourself!

2. This site would jeopardize your security for their convenience.

Ditch this site!
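
One way to verify the policy described under Eradicating Adobe Flash across a fleet, as an added example that is not from the original article: the script flags endpoints where a Flash Player package is still installed or where Chrome's `DefaultPluginsSetting` policy is not set to block (2). The inventory record layout, host names and versions are constructed for illustration.

```python
import re

# Display names registered by Flash Player installers, e.g.
# "Adobe Flash Player 23 NPAPI", "... PPAPI", "... ActiveX".
FLASH_NAME = re.compile(r"\badobe\s+flash\s+player\b", re.IGNORECASE)
CHROME_BLOCK = 2  # Chrome policy DefaultPluginsSetting: 2 = block

def audit_endpoint(record):
    """Return the policy findings for one inventory record (empty = compliant)."""
    findings = []
    for pkg in record.get("installed_software", []):
        if FLASH_NAME.search(pkg.get("name", "")):
            findings.append(f"flash-installed: {pkg['name']} {pkg.get('version', '?')}")
    # Chrome ships its own bundled Flash plugin, which a software inventory does
    # not list, so the browser policy is checked separately. "chrome_policy" is
    # absent when Chrome is not installed; an installed Chrome with no explicit
    # block is a finding because the browser default then applies.
    policy = record.get("chrome_policy")
    if policy is not None and policy.get("DefaultPluginsSetting") != CHROME_BLOCK:
        findings.append("flash-not-blocked: chrome")
    return findings

def audit_fleet(records):
    """Map hostname -> findings for every non-compliant endpoint."""
    report = {}
    for record in records:
        findings = audit_endpoint(record)
        if findings:
            report[record["host"]] = findings
    return report

# Constructed sample inventory (hosts, versions and field names are made up).
SAMPLE_FLEET = [
    {"host": "ws-001", "chrome_policy": {},
     "installed_software": [{"name": "Adobe Flash Player 23 NPAPI", "version": "23.0.0.162"}]},
    {"host": "ws-002", "chrome_policy": {"DefaultPluginsSetting": 2},
     "installed_software": [{"name": "7-Zip", "version": "16.04"}]},
    {"host": "ws-003", "chrome_policy": {"DefaultPluginsSetting": 1},
     "installed_software": []},
    {"host": "ws-004",
     "installed_software": [{"name": "adobe flash player 22 ActiveX", "version": "22.0.0.209"}]},
]

if __name__ == "__main__":
    for host, findings in sorted(audit_fleet(SAMPLE_FLEET).items()):
        print(host, "; ".join(findings))
```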