Sleeping on the job: New NHS boss Sir Jim Mackey tells MPs at 11.53am he'll 'pick up the pace' of reform - then at 3.23pm falls asleep watching Netflix hit The Diplomat in a first-class train carriage to his home 300 miles away
Prince Harry claims his police protection was taken away to 'trap' him and Meghan Markle in the Royal Family as he says his 'worst fears have been confirmed' by secret evidence from court case
Travellers invaded Tesco car park then went on rampage: Group pitched up caravans then harassed shoppers, stole food and tried to get into cars before thieving from Currys and Wickes
Inside the new WAR between Kyle Walker and Lauryn Goodman: Player's camp hit back over her money-spinning project that will tell most salacious secrets of their affair, writes KATIE HIND
When I saw the school loner on the news after my sister vanished, I gasped. He was pure evil - and a single act caught on camera proved he did it
Subtle warning signs of deadly motor neurone disease no one should dismiss - as Grey's Anatomy star Eric Dane reveals his diagnosis
Who was evicted from Celebrity Big Brother? First housemate of series axed in bombshell decision
BORIS JOHNSON: Time for Britain to lead the world out of tariff chaos - and end the tragedy of American cheese
I shocked the world with my incredible Ozempic transformation... but it left me with a VERY embarrassing problem in the bedroom
Birthday girl's last smile: Final photo shows young child excitedly sitting in helicopter cockpit... 16 minutes before plummeting to her death beside her parents and siblings in Hudson River disaster
Why Queen Camilla had to wear black to meet the Pope while other royals could sport white ensembles
My husband was scatty and had such miserable mood swings even he agreed I should leave him. Then came the shock diagnosis at 55 that saved our marriage: LUCY BRAZIER
Boarding passes and check-in to be ditched in biggest shake-up of global aviation in 50 years
DEAR CAROLINE: I have a four-month-old daughter and I feel trapped, overwhelmed and often cry when I'm in the shower. Have I made a terrible mistake?
Strictly Come Dancing reveals the 2025 professional line-up - with two NEW dancers set to be announced
Judy Finnigan, 76, looks incredible as she shows off her new look and svelte figure on sunny London outing
Freddie Flintoff shows off his fully healed face as he announces new Disney+ documentary about horror Top Gear crash - two years after the accident left him 'lucky to be alive'
Mother-of-two was arrested for theft and held in a cell for seven-and-a-half hours - after confiscating her OWN children's iPads
Woman, 22, is accused of manslaughter after 14-month-old boy dies at nursery as business owner is also charged
Drunk young mum glassed best friend at busy club, leaving her needing 41 stitches, after a row about a dog
Jesy Nelson gives pregnancy update from hospital bed and shows off her growing bump after undergoing emergency surgery to save unborn twins
Bella Thorne, 27, accuses Mickey Rourke, 72, of 'bruising her genitals' and 'humiliating' her on set as she brands working with 'gross' actor the 'worst experience of her life'
TV experts reveal the 20 best shows and films to stream this weekend - from Mad Men star's new drama to real-life story of school that spied on students through laptops
Prince Harry insiders insist Duke was safe in Ukraine warzone because he had 'robust security unlike in UK' as royal is accused of 'hypocrisy' for trip to city where Putin has killed dozens

Malware called FinSpy or FinFisher connects computer to external servers
Then awaits instructions from Switzerland, Bulgaria and the Netherlands servers
Problem affected Google's Chrome and Microsoft's Edge and Internet Explorer
Victims so far observed in Russia, Iraq, Afghanistan, the UK, Iran, Africa
Adobe said it had released a Flash security update to fix the problem

By REUTERS and CHEYENNE MACDONALD FOR DAILYMAIL.COM

Published: 17:30 BST, 16 October 2017 | Updated: 22:17 BST, 16 October 2017

e-mail

View
comments

Adobe Systems Inc warned on Monday that hackers are exploiting vulnerabilities in its Flash multimedia software platform in web browsers, and the company urged users to quickly patch their systems to prevent such attacks.

The warning came after cyber security firm Kaspersky Lab Inc said a group it was tracking, BlackOasis, used the previously unknown weakness on Oct. 10 to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands.

Kaspersky said the malware, known as FinSpy or FinFisher, is a commercial product typically sold to nation states and law enforcement agencies to conduct surveillance.

THE ATTACK

According to the researchers at Kaspersky Lab, the attack exploits a vulnerability in Adobe Flash to install the FinSpy malware (also known as FinFisher).

This is a commercial malware, and is typically sold to nation states and law enforcement to conduct surveillance, according to the security experts.

The group BlackOasis is said to be using it for targets around the world.

The malware has multiple anti-analysis techniques to make it more difficult to spot.

Once it’s been installed, the malware establishes a foothold on the attacked computer and connects to its command and control servers located in Switzerland, Bulgaria and the Netherlands.

Then, it awaits further instructions to gather data.

The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.

Adobe says it has released a security update to fix the problem.

Kaspersky said its assessment of BlackOasis shows it is targeting Middle Eastern politicians and United Nations officials engaged in the region, opposition bloggers and activists, and regional news correspondents with the latest version of FinSpy.

The company said victims have so far been observed in Russia, Iraq, Afghanistan, the United Kingdom, Iran and elsewhere in Africa and the Middle East.

Adobe said it had released a Flash security update to fix the problem, which affected Google's Chrome and Microsoft's Edge and Internet Explorer browsers as well as desktop versions.

‘Adobe has released a security update for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS,' the company said on Monday.

'This update addresses a critical type confusion vulnerability that could lead to code execution.

'Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows.’

Adobe said in July that by the end of 2020 it would retire its once-ubiquitous technology used to power most of the media content found online.

It was heavily criticized by late Apple CEO Steve Jobs, with alternatives such as HTML5 emerging in recent years and several web browsers now requiring users to enable Flash before running it.

On Google's Chrome, the most popular web browser, Flash was used daily by 17 percent of desktop users, down from 80 percent in 2014, Google said at the time Adobe announced its retirement.

Kaspersky Lab Inc said a group it was tracking, BlackOasis, used the previously unknown weakness on Oct. 10 to plant malicious software on computers before connecting them back to servers in Switzerland, Bulgaria and the Netherlands. Stock image

Adobe, along with partners Apple Inc, Microsoft Corp, Alphabet Inc's Google, Facebook Inc and Mozilla Corp, said support for Flash will ramp down across the internet in phases over the next three years.

After 2020, Adobe will stop releasing updates for Flash and web browsers will no longer support it.

HISTORY OF FLASH

Created more than 20 years ago, Flash was once the preferred software used by developers to create games, video players and applications capable of running on multiple web browsers.

When Adobe acquired Flash in its 2005 purchase of Macromedia, the technology was on more than 98 percent of personal computers connected to the web, Macromedia said at the time.

But Flash´s popularity began to wane after Apple´s decision not to support it on the iPhone.

In a public letter in 2010, late Apple CEO Steve Jobs criticized Flash's reliability, security and performance. Since then, other technologies like HTML5 have emerged as alternatives to Flash.

Created more than 20 years ago, Flash was once the preferred software used by developers to create games, video players and applications capable of running on multiple web browsers.

When Adobe acquired Flash in its 2005 purchase of Macromedia, the technology was on more than 98 percent of personal computers connected to the web, Macromedia said at the time.

But Flash´s popularity began to wane after Apple´s decision not to support it on the iPhone.