RSS Alerts

Share

More services

Related Links

Related Stories

  • Obfuscated Javascript malware making a comeback
    The latest monthly threat landscape report from IT security vendor Fortinet asserts that obfuscated Javascript attacks are starting to hit internet users again.
  • Security expert cautions on hidden Javascript tweets
    Rik Ferguson, senior security advisor with Trend Micro, has uncovered a potentially serious Javascript security attack on users of the Twitter microblogging service.
  • Adobe fixes Flash flaw in five days
    Adobe has quietly fixed the 'critical' security flaw affecting its Flash and Reader software that it revealed earlier this week. The issue has been fixed in an urgent patch folded in with a raft of updates that are claimed to solve 32 documented problems with Adobe's software.
  • Adobe warns of critical multi-platform security flaw
    Adobe has released a major warning over a critical vulnerability in its Flash Player 10.0.45.2 and earlier editions for Windows, Apple Mac, Linux and Solaris platforms.
  • Applications under attack says Microsoft, Adobe
    Many in the security field agree that attack vectors have rapidly moved from exploiting operating system vulnerabilities to the application layer. Security specialists from Microsoft and Adobe lent their opinions as to why this is the case.

Top 5 Stories

News

Cybercriminals combine Java and Flash to thwart security

15 July 2010

The latest report from M86 Security, a company specializing in real-time web and e-mail threat protection, has found hackers are using multiple attacks to get around IT security.

The biannual Security Labs Report details the emergence of combined attacks using Adobe's ActionScript and JavaScript languages to thwart most of the new, proactive detection mechanisms.

According to M86, this threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of proactive security controls. As existing techniques for "covering their tracks" become less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect.

By splitting the malicious code between Adobe ActionScript language – built into Adobe flash – and JavaScript components on the web page, they limit the effectiveness of many of the proactive security detection mechanisms.

This story was first published by Computer Weekly
 

This article is featured in:
Application Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012