It's been a few weeks since we've had news of an Adobe Flash flaw, so this one is right on schedule. The newest one, which security researchers from Trend Micro only recently discovered, affects the latest versions of Flash, and likely older versions as well.
Using this flaw, hackers can slip a virus past a computer's defenses and install it. Even worse, it seems a hacker group called Pawn Storm has been using it for a while now. There is some good news, however.
The good news is that Pawn Storm isn't targeting the average computer user, although some hacker group probably will now that the flaw is out in the open. Instead, it's directing its efforts toward foreign affairs ministries of various countries.
To get in the door, Pawn Storm sent out spear phishing emails with subject lines such as "Suicide car bomb targets NATO troop convey Kaul" or "Israel launches airstrikes on targets in Gaza." When ministry employees open the emails and click the links, they land on a malicious site.
The site uses the Flash flaw to put a virus on computer systems, and once hackers have a virus in place, they can snoop on sensitive documents. Learn how to tell when you've landed on a malicious site.
This is another serious reminder to avoid phishing emails at all costs, like this new one claiming to be from Amazon. It's also a good idea to disable Flash and only turn it on when you really need to use it. Get the instructions on how to do that for your browser.