CVE-2015-7645 Flash Exploit in the Angler EK

Patch priorities need to be customized to your personal risk exposure – what is your stance on Flash vulnerabilities?

The latest and greatest vulnerability for Flash, CVE-2015-7645, is actively exploited by eCrime and espionage (APT 28) actors according to public sources.  Flash has become one of the hottest vectors for exploitation in the past two years.  This is due, in part, to how Blackhole prevalence was impacted by the arrest of the author Paunch for BHEK.  Angler has emerged as a leading exploit kit (EK) in the hole left by changes to the Blackhole market and it aggressively leverages new exploits in Flash.  As a result some companies that use Flash and have seen this same correlation priorities patches accordingly – they have emergency patch procedures and ramp up Flash much faster than the normal vulnerability.

If you are not patched against CVE-2015-7645 figure out what assets are at risk and what the impact would be if you were targeted by APT 28 or opportunistically attacked via the very popular and common Angler EK using this exploit vector.  Are your crown jewels at risk?  If ransomware made it’s way into your network can it easily locate shares and encrypt all the data and hold it for ransom?  Can you trust your backups to restore data or will you wonder if you have to pay thousands in extortion fees like so many others? Do you have procedures and the appropriate staff and procedures ready to go should an incident take place? The time to make such decisions is now, proactively, before disaster strikes.  If you need help in priorities, or having an incident response team standing by to assist – already set up and under NDA – contact 4D5A Security about our very affordable retainer program.