{"id":11691,"date":"2015-07-14T11:44:42","date_gmt":"2015-07-14T15:44:42","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=11691"},"modified":"2016-03-31T10:11:44","modified_gmt":"2016-03-31T14:11:44","slug":"third-hacking-team-flash-zero-day-found","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2015\/07\/14\/third-hacking-team-flash-zero-day-found\/","title":{"rendered":"Third Hacking Team Flash Zero-Day Found"},"content":{"rendered":"<p><a href=\"https:\/\/krebsonsecurity.com\/2015\/07\/third-hacking-team-flash-zero-day-found\/\">Brian Krebs<\/a>:<\/p>\r\n<blockquote cite=\"https:\/\/krebsonsecurity.com\/2015\/07\/third-hacking-team-flash-zero-day-found\/\"><p>For the <a href=\"http:\/\/krebsonsecurity.com\/2015\/07\/adobe-to-fix-another-hacking-team-zero-day\/\">third<\/a> <a href=\"http:\/\/krebsonsecurity.com\/2015\/07\/adobe-to-patch-hacking-teams-flash-zero-day\/\">time<\/a> in a week, researchers have discovered a zero-day vulnerability in Adobe&rsquo;s Flash Player browser plugin. Like the previous two discoveries, this one came to light only after hackers dumped online huge troves of documents stolen from Hacking Team &mdash; an Italian security firm that sells software exploits to governments around the world.<\/p><p>News of the latest Flash flaw comes from Trend Micro, which <a href=\"http:\/\/blog.trendmicro.com\/update-the-hacking-team-flash-zero-day-trifecta\/\">said<\/a> it reported the bug (CVE-2015-5123) to Adobe&rsquo;s Security Team. Adobe confirmed that it is working on a patch for the two outstanding zero-day vulnerabilities exposed in the Hacking Team breach.<\/p><p>We are likely to continue to see additional Flash zero day bugs surface as a result of this breach. Instead of waiting for Adobe to fix yet another flaw in Flash, please consider removing or at least hobbling this program.<\/p><\/blockquote>\r\n<p><a href=\"http:\/\/www.theverge.com\/2015\/7\/13\/8948459\/adobe-flash-insecure-says-facebook-cso\">James Vincent<\/a> (via <a href=\"http:\/\/daringfireball.net\/linked\/2015\/07\/13\/facebook-flash\">John Gruber<\/a>):<\/p>\r\n<blockquote cite=\"http:\/\/www.theverge.com\/2015\/7\/13\/8948459\/adobe-flash-insecure-says-facebook-cso\"><p>Alex Stamos, the recently appointed chief security officer at Facebook, has <a href=\"https:\/\/twitter.com\/alexstamos\/status\/620306643360706561\">called on software company Adobe<\/a> to announce an &ldquo;end-of-life date for Flash.&rdquo; In a pair of tweets sent over the weekend, Stamos echoed a number of recent complaints from the security community that the software has become the vector for just too many hacking vulnerabilities.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Brian Krebs: For the third time in a week, researchers have discovered a zero-day vulnerability in Adobe&rsquo;s Flash Player browser plugin. Like the previous two discoveries, this one came to light only after hackers dumped online huge troves of documents stolen from Hacking Team &mdash; an Italian security firm that sells software exploits to governments [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[447,1130,131,279,456,852,31,30,103,48],"class_list":["post-11691","post","type-post","status-publish","format-standard","hentry","category-technology","tag-adobe","tag-adobe-flash","tag-bug","tag-firefox","tag-googlechrome","tag-internet-explorer","tag-ios","tag-mac","tag-safari","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11691","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=11691"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11691\/revisions"}],"predecessor-version":[{"id":11692,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/11691\/revisions\/11692"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=11691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=11691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=11691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}