THE HACKING of an Italian company that sold spyware to Panama set off worldwide concerns as other hackers rushed to take advantage of the breach.
Technical site Ars Technica reports that Windows and Android phones may be affected by other leaked exploits.
Meanwhile, by what may be a coincidence, the New York Stock Exchange
unexpectedly shut down trading in all of its listed stocks late Wednesday morning.
The exchange did not immediately give an explanation for what caused the shutdown. In an alert on its website it wrote: “Additional information will follow as soon as possible.”
The New York Stock Exchange, ... as been hit, like other exchanges, by technical difficulties in the past, but the scale of the problem on Wednesday has little precedent said the New York Times.
Ars reported Tuesday : “ the previously unknown Flash vulnerability was part of some 400 gigabytes of data dumped on the Internet by unknown attackers who hacked Hacking Team over the weekend. By Tuesday afternoon, the critical flaw was being targeted in the wild by an array of malware titles, including the Angler and Nuclear exploit kits, as first reported by Malwarebytes (and later documented by the security researcher known as Kafeine). The exploit has also been folded in to the Metasploit hacking framework.
“The vulnerability is cataloged as CVE-2015-5119 and is active in Flash versions 18.0.0.194 and earlier. According to security firm Rapid 7, it stems from a use-after-free bug that can be exploited while Flash is handling ByteArray objects. The update is available for Windows, Mac OS X, and Linux systems. Adobe has credited Google's Project Zero and Morgan Marquis-Boire, director of security, First Look Media, for reporting the critical bug and working to protect Flash users.
“With the exploit folded into exploit kits that are available on the Internet, users who rely on Flash should install the update immediately (don't forget to uncheck the boxes Adobe shamelessly checks by default to promote crapware). Readers may also want to experiment with uninstalling Flash altogether. If the results are acceptable, that's a more secure alternative since it drastically reduces attack surface.”