Massive Malspam Campaign Targets Unpatched Systems

Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers.

According to the research firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month. Victims who fall for the ploy could ultimately hand over control of their systems to an attacker, according to researchers.

Read more…
Source: ThreatPost