Subject: | |
From: | |
Reply To: | Remmy Nweke (ITRealms) |
Date: | Fri, 26 Feb 2016 19:24:19 +0100 |
Content-Type: | multipart/alternative |
Parts/Attachments: |
|
|
Thanks Wisdom
Sent from my iPad
> On Feb 26, 2016, at 12:29 PM, Wisdom Donkor <[log in to unmask]> wrote:
>
> Dear All,
>
> Malicious websites are exploiting a recently fixed vulnerability in Microsoft's Silverlight application framework to perform drive-by malware attacks on vulnerable visitor devices, a security researcher has determined.
>
> The critical code-execution vulnerability, which Microsoft patched last month, was actively exploited for two years in attack code owned by Italy-based exploit broker Hacking Team. As Ars reported last July, the Silverlight exploit came to light following a hack on Hacking Team's network that exposed gigabytes worth of private e-mails and other data. Researchers with Russian antivirus provider Kaspersky Lab later discovered the vulnerability being exploited in the wild and privately reported it to Microsoft.
>
> Now, exploit code for the patched vulnerability is being distributed through Angler, one of several toolkits that criminals use to seed websites with code that carry out drive-by attacks.
>
> Please find attached advisory
>
> Kind Regards
>
>
> WISDOM DONKOR (S/N Eng.)
> ICANN Fellow / ISOC Member, IGF Member, Diplo Foundation
> OGP Working Group Member, Africa OD Working Group Member
> E-government and Open Government Data Platforms Specialist
> National Information Technology Agency (NITA)
> Ghana Open Data Initiative (GODI)
> Post Office Box CT. 2439, Cantonments, Accra, Ghana
> Tel; +233 20 812881
> Email: [log in to unmask]
> [log in to unmask]
> [log in to unmask]
> Skype: wisdom_dk
> facebook: facebook@wisdom_dk
> Website: www.nita.gov.gh / www.data.gov.gh
> www.isoc.gh / www.itag.org.gh
>
> <Microsoft Silverlight Vulnerability_CERT-ADV10426022016.pdf>
|
|
|