WARNING #670 – Upcoming malspam campaign targeting unpatched IE/Flash

28. February 18

As we projected earlier this month, we anticipate seeing an increase in criminal activity exploiting the Adobe Flash recently patched vulnerability (CVE-2018-4878) given the observation of the following Early Warning Indicators (EWIs):

  1. Publicly available code for crafting malware exploiting CVE-2018-4878
  2. e-Crime malspam activity exploiting CVE-2018-4878

Due to the ease of exploitation and criticality of the vulnerability, we recommend:

  1. IT Administrators patch their systems as soon as possible
  2. Users to stay vigilant and avoiding clicking on URLs or attachment received from unfamiliar or spoofed email senders.

We are currently updating our Collection Plan to process relevant, need-to-know data in an effort to promptly alert our customers as soon as those vulnerabilities are exploited in the wild.