We told you so.

Malware Attack Exploiting Flash Zero Day Vulnerability

It's been a while since we've last witnessed malware attacks using zero day vulnerabilities, and the latest one exploiting a zero day in Adobe's flash player is definitely worth assessing. The current malware attack has been traced back to Chinese blackhats, who are using a zero day to infect users with password stealers, moreover, one of the domains serving the Adobe zero day has been sharing the same IP with four of the malware domains in the recent waves of massive SQL injection attacks, indicating this incident and the previous ones are connected. According to Symantec :

SOURCE: much more

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

HAUTE SECURE

Your program is the only program protecting us from SLQ INJECTION.
Which is a much more serious threat than currently suspected.

SLQ gives hackers access to your PC on infected "trusted" sites, trusted sites have lowered security levels.

This is a new NEW VECTOR EXPLOIT.
coming from a trusted site, " it " can walk thru all current security programs and Vista isn't even a constraint, nor are MACs. Coming from a trusted site there are many vectors to infect your PC/MAC.

Paradigm Intel indicates we are in the middle of a massive invisible infection, motive unknown.

We told you so. #1, #2

Gerald
Internet Anthropologist, ad Magnum

UPDATE:
New sql injection site with fastflux hosting

This may be more serious than even we thought.
G

.

Related articles

• Confusion mounts over which Flash versions are under attack [via Zemanta]
• Symantec now says current Flash Player safe from attack [via Zemanta]
• Security experts speculate on mailicious Air code [via Zemanta]
• Potential Flash Player issue [via Zemanta]
• Department of Homeland Security website hacked! [via Zemanta]
• Exploited bug doesn't exist in latest version of Flash [via Zemanta]