Cyber Spies Exploit Java and Flash Flaws

Cyber spies have planted Java- and Flash-exploiting malware on Web sites focused on human rights, defense, and foreign policy.

Over the last two weeks, the Shadowserver Foundation, a nonprofit group that tracks Internet threats, has discovered several such compromised Web sites that download the malware through visitors' browsers. The malware, which exploits known flaws in Adobe Flash and Java, is aimed at Mac and Windows systems.

Sites that were serving malware as of Monday were for the Center for Defense Information, a research group for U.S. national security; Amnesty International Hong Kong, the Cambodian Ministry of Foreign Affairs, and the International Institute of Counter-Terrorism at the Interdisciplinary Center in Herzliya, Israel, Shadowserver said. Last week, security vendor Websense reported that the site of Amnesty International United Kingdom was serving Java-exploiting malware.

Read more at:
Cyber Spies Exploit Java and Flash Flaws | PCWorld Business Center
 
Back
Top