Chuck Leaver – Get Tough On Adobe Flash And Ban It To Prevent Exploits

Written By Dr Al Hartmann And Presented By Chuck Leaver Ziften CEO


Be Strong or Get Attacked.

Highly experienced and skilled cyber attack teams have targeted and are targeting your organization. Your large endpoint population is the most common point of entry for skilled attack groups. These enterprise endpoints number in the thousands, are loosely managed, laxly configured, and rife with vulnerability exposures, and are run by partially trained, credulous users – the ideal target-rich opportunity. Mikko Hypponen, chief research officer at F-Secure, frequently says at industry symposia: “How many of the Fortune 500 are attacked today? The answer: 500.”

And how long did it take to penetrate your enterprise? White hat hackers performing penetration testing or red team exercises typically compromise target businesses within the first few hours, even though they are ethically and legally limited in their methods. Black hat or state-sponsored hackers may achieve penetration much more quickly and secure their presence indefinitely. Given average attacker dwell times measured in numerous days, the time-to-penetration is negligible, not an impediment.

Exploit Kits

The industrialization of hacking has created a black market for attack tools, including a range of software for identifying and exploiting client endpoint vulnerabilities. These exploit kits are marketed to cyber attackers on the dark web, with dozens of exploit kit families and vendors. An exploit kit operates by assessing the software configuration on the endpoint, identifying exposed vulnerabilities, and applying an exploit to a vulnerability exposure.

A relative handful of widely deployed endpoint software products account for the bulk of the vulnerabilities that exploit kits target. This results from the unfortunate reality that complex software applications tend to exhibit a steady flow of vulnerabilities that leaves them continually exposed. Each patch release cycle, exploit kit developers download the latest security patches, reverse engineer them to discover the underlying vulnerabilities, and update their exploit kits. This is often done faster than businesses apply patches, with some vulnerabilities remaining unpatched and ripe for exploitation even years after a patch is provided.

Adobe Flash

Prior to widespread adoption of HTML5, Adobe Flash was the most commonly used software for rich Internet content. Even with increasing adoption of HTML5, legacy Adobe Flash retains a significant following, preserving its long-held position as the darling of exploit kit authors. A recent study by Digital Shadows, In the Business of Exploitation, is instructive:

This report examines 22 exploit packages to comprehend the most often exploited software. We tried to find trends within the exploitation of vulnerabilities by these 22 packages to show what vulnerabilities had been exploited most extensively, combined with how active each exploitation set was, in order to inform our assessment.

The vulnerabilities exploited by all 22 exploit sets revealed that Adobe Flash Player was most likely to be the most targeted software, with 27 of the 76 identified vulnerabilities exploited relating to this software.

With relative consistency, dozens of new vulnerabilities are disclosed in Adobe Flash every month. To exploit kit developers, it is the gift that keeps on giving.

The industry is learning its lesson and moving beyond Flash for rich web content. For example, a Yahoo senior developer blogging recently in Streaming Media noted:

“Adobe Flash, once the de-facto standard for media playback online, has actually lost favor in the industry due to increasing issues over security and efficiency. At the same time, requiring a plugin for video playback in internet browsers is losing favor among users too. As a result, the market is approaching HTML5 for video playback.”

Amit Jain, Sep 21, 2016

Banishing Adobe Flash

One step businesses can take now to harden their endpoint configurations is to banish Adobe Flash as a matter of organization security policy. This will not be an easy task, and it may be painful, but it will be valuable in reducing your enterprise attack surface. It involves blacklisting Adobe Flash Player and enforcing browser security settings that disable Flash content. If done properly, this is exactly what users will see where Flash content appears on a legacy website:


This message confirms two facts:

1. Your system is properly configured to reject Flash content.

Congratulate yourself!

2. This site would compromise your security for their benefit.

Ditch this website!
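
To check whether an endpoint actually meets the policy described under "Banishing Adobe Flash", the following PowerShell sketch reports Flash plugin files and browser block settings, and can apply the block. It is an added example, not code from the original article or from Ziften; it assumes Windows endpoints, the default Flash install directories, Chrome's legacy DefaultPluginsSetting policy, and the Internet Explorer kill bit for the Flash ActiveX control, and the function names are hypothetical.

```powershell
# Added example. Assumptions: default Flash install directories, Chrome's legacy
# DefaultPluginsSetting policy, and the IE kill bit for the Flash ActiveX CLSID.
$FlashClsid = '{D27CDB6E-AE6D-11CF-96B8-444553540000}'   # Shockwave Flash ActiveX control
$FlashDirs  = "$env:windir\System32\Macromed\Flash", "$env:windir\SysWOW64\Macromed\Flash"
$ChromeKey  = 'HKLM:\SOFTWARE\Policies\Google\Chrome'
$IeKey      = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$FlashClsid"

function Get-FlashBinary {
    # ActiveX (Flash*.ocx), NPAPI (NPSWF*.dll) and PPAPI (pepflashplayer*.dll) plugin files.
    Get-ChildItem -Path $FlashDirs -Recurse -ErrorAction SilentlyContinue `
        -Include 'Flash*.ocx', 'NPSWF*.dll', 'pepflashplayer*.dll' |
        Select-Object FullName, @{ n = 'Version'; e = { $_.VersionInfo.FileVersion } }
}

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

function Get-FlashExposure {
    # Read-only report: is Flash present, and do the browsers refuse to load it?
    $ieFlags = Get-RegValue $IeKey 'Compatibility Flags'
    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        FlashFiles        = @(Get-FlashBinary)
        ChromeBlocksFlash = (Get-RegValue $ChromeKey 'DefaultPluginsSetting') -eq 2   # 2 = block
        IeKillBitSet      = ($null -ne $ieFlags) -and (($ieFlags -band 0x400) -ne 0)
    }
}

function Set-FlashBlock {
    # Requires an elevated session. Creates keys only if missing so existing values survive.
    foreach ($key in $ChromeKey, $IeKey) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    }
    Set-ItemProperty -Path $ChromeKey -Name 'DefaultPluginsSetting' -Value 2 -Type DWord
    # Preserve any other compatibility flags and add the kill bit (0x400).
    $flags = [int](Get-RegValue $IeKey 'Compatibility Flags') -bor 0x400
    Set-ItemProperty -Path $IeKey -Name 'Compatibility Flags' -Value $flags -Type DWord
}

Get-FlashExposure | Format-List
```

On 64-bit Windows, 32-bit Internet Explorer reads the kill bit from the corresponding key under Wow6432Node, so a full rollout sets both locations.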

