 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 26 Feb 2016 11:20:38 +0000 |
| Content-Type: | multipart/mixed |
| Parts/Attachments: |
|
|
Dear All,
Malicious websites are exploiting a recently fixed vulnerability in
Microsoft's Silverlight application framework to perform drive-by malware
attacks on vulnerable visitor devices, a security researcher has determined.
The critical code-execution vulnerability, which Microsoft patched last
month, was actively exploited for two years in attack code owned by
Italy-based exploit broker Hacking Team. As Ars reported last July, the
Silverlight exploit came to light following a hack on Hacking Team's
network that exposed gigabytes worth of private e-mails and other data.
Researchers with Russian antivirus provider Kaspersky Lab later discovered
the vulnerability being exploited in the wild and privately reported it to
Microsoft.
Now, exploit code for the patched vulnerability is being distributed
through Angler, one of several toolkits that criminals use to seed websites
with code that carry out drive-by attacks.
Please find attached advisory
Kind Regards
*WISDOM DONKOR (S/N Eng.)*
ICANN Fellow / ISOC Member, IGF Member, Diplo Foundation
OGP Working Group Member, Africa OD Working Group Member
E-government and Open Government Data Platforms Specialist
National Information Technology Agency (NITA)
Ghana Open Data Initiative (GODI)
Post Office Box CT. 2439, Cantonments, Accra, Ghana
Tel; +233 20 812881
Email: [log in to unmask]
[log in to unmask]
[log in to unmask]
Skype: wisdom_dk
facebook: facebook@wisdom_dk
Website: www.nita.gov.gh / www.data.gov.gh
www.isoc.gh / www.itag.org.gh
|
|
|
