Bleeping Computer: The two Ransomware-as-a-Service operations exploit the same encrypted file format and the distribution channel: the Dridex botnet.
5 dangerous vulnerabilities in Adobe SandBox were fixed thanks to the cooperation between Swanscan cyber security experts and the multinational
Swanscan and Adobe worked together to fix 5 unknown vulnerabilities in the multinational SandBox service. These could easily impact the Integrity, Availability and Confidentiality of the systems. The flaws have been discovered by the Italian Platform’s Vulnerability Hunting Team, following a security monitoring activity for a Media enterprise in Europe. The cyber security experts contacted immediately the Adobe PSIRT and started to cooperating with the multinational, in order to solve them. They were related to the Web Servers at adobesandbox.com, which handles through multiple and different hosts the Service. Furthermore, they were distributed among a range of High (1), Medium (2) and Low (2). Swanscan, founded by Raoul Chiesa and Pierguido Iezzi, is the first CyberSecurity Testing platform both in Cloud and On Premise, SaaS and All-in-One.
Possible threats related to Adobe SandBox were solved thanks to a good example of companies-vendors Cyber Security Teamwork
Adobe, in order to manage security, adopts the Sandbox service. It’s a protected environment used to run untrusted programs. This technique, in the Acrobat context, involves running any PDF in this protected environment in order to minimize risk. By default, every PFD is considered as potentially dangerous. In fact, few months ago, the cyber security experts discovered a new malware, disguises as a PDF file. It’s dubbed Redaman and it’s just the last of a long list of malicious codes, spreaded by cybercrime on the file format via phishing emails. Furthermore, one of the most famous is the CryptoLocker ransomware, used since ’90ies to earn profits. In this case, possible dangerous threats have been fixed thanks to a good example of companies-vendors Cyber Security Teamwork, with full cooperation between Swascan and Adobe.