Russian hackers are exploiting vulnerabilities in Adobe and Microsoft Windows to penetrate diplomatic targets in the U.S., according to FireEye, a Milpitas cybersecurity company.
The company s threat research team says that it recently detected a limited campaign exploiting zero-day vulnerabilities in Adobe Flash and Microsoft Windows.
Zero-day flaws are ones that have never been reported.
FireEye said Microsoft is aware of the situation. Updating Flash to the latest version will render this in-the-wild exploit innocuous, FireEye said.
The exploit begins when a user clicks a link to an attacker controlled website, FireEye said.
The company s threat team released a report in October, updated on April 18, on the Russian hacker team it calls APT28, saying the evidence suggests they have a government sponsor – specifically a government based in Moscow.
The hackers target the information of governments, militaries, and security organizations that would likely benefit the Russian government using malware developed in Russian language settings.
The development is done during working hours with the time zone of Russias major cities, Moscow and St. Petersburg, FireEye repored.
Photo: hackingilloKRTarchives
