Security Affairs
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Magnitude EK authors are integrating exploit code for CVE-2016-4117 Adobe flaw

The authors of the Magnitude exploit kit are integrating the exploit code for the CVE-2016-411 Adobe Flash Player vulnerability. Recently security experts from FireEye detailed the exploit chain for the  Adobe Flaw Vulnerability CVE-2016-4117 that was first spotted by the company earlier May. The CVE-2016-4117 flaw affects older versions of the Adobe Flash, after the disclosure of […]

Magnitude EK authors are integrating exploit code for CVE-2016-4117 Adobe flaw

The authors of the Magnitude exploit kit are integrating the exploit code for the CVE-2016-411 Adobe Flash Player vulnerability.

Recently security experts from FireEye detailed the exploit chain for the  Adobe Flaw Vulnerability CVE-2016-4117 that was first spotted by the company earlier May.

The CVE-2016-4117 flaw affects older versions of the Adobe Flash, after the disclosure of the flaw Adobe confirmed that the vulnerability was being exploited in cyber attacks in the wild. The CVE-2016-4117 was rated as critical and affects Windows, Mac OS X, Linux and Chrome OS.

“A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.” reads the advisory published by Adobe.

“Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild.  Adobe will address this vulnerability in our monthly security update, which will be available as early as May 12. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.”

Only after Adobe fixed the flaw, the security researcher Genwei Jiang revealed the details of the previously undisclosed phishing attacks he reported to Adobe. New information on the Adobe Flash flaw comes from the French security researcher known Kafeine that reported the integration of the exploit code in the Magnitude EK.

“Discovered being exploited in the wild by FireEye [1] on May 8, 2016, patched 4 days later with Flash 21.0.0.242, CVE-2016-4117 is making its way to Exploit Kits.” wrote Kafeine.
Magnitude : CVE confirmed by FireEye – Thanks ! On 2016-05-21 Magnitude is firing an exploit to Flash up to 21.0.0.213.”

The expert noticed that the exploit code was added to the Magnitude EK to trigger the vulnerability in Flash Player 21.0.0.213 installations.

The Magnitude EK is the unique at the time I was writing that is integrating the exploit code for the CVE-2016-4117.

Kafeine explained that he did not get exploitation at the time it was analyzing it, a circumstance that suggests that the integration is progress.

At the time I’m writing the spotted sample (f5cea58952ff30e9bd2a935f5843d15952b4cf85cdd1ad5d01c8de2000c48b0a) is detected only by 5 of 56 antivirus solution.

Kafeine told SecurityWeek that the exploit has been used exclusively to deliver the Cerber ransomware.

The authors of the Magnitude EK continue to upgrade their crimeware kit with new exploit code, in April, they included the code for the exploitation of the Adobe flaw CVE-2016-1019 affecting Flash Player 21.0.0.197 that was exploited to serve ransomware.

If you appreciate my effort in spreading cyber security awareness, please vote for Security Affairs as best European Security Blog. Vote SecurityAffairs in every section it is reported. I’m one of the finalists and I want to demonstrate that the Security Affairs community a great reality.

https://www.surveymonkey.com/r/secbloggerwards2016

Thank you

Pierluigi

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Magnitude exploit kit, CVE-2016-4117)