Blog | G5 Cyber Security

Recently patched CVE-2018-4878 Adobe Flash Player flaw now exploited by cybercriminals

Security researchers at Morphisec have uncovered a massive hacking campaign that is exploiting the recently patched CVE-2018-4878 Adobe Flash Player vulnerability. The company spotted a campaign on February 22, the attackers were using a version of the exploit similar to the one used by the APT37 group. The attackers used spam emails containing a link to a document stored on safe-storage[.]biz. Once downloaded and opened, the document tries to trick victims with social engineering. It notifies users that an online preview is not available and instructs them to enable editing mode in order to view the content.”]

Source: https://securityaffairs.co/wordpress/69620/cyber-crime/cve-2018-4878-malspam-campaign.html

Exit mobile version