Recent FBI memo says phishing attacks targeted patched Adobe vulnerabilities linked to Hacking Team In an alert on Friday, the FBI has issued a warning about an active phishing campaign targeting various government agencies in the U.S.The alert says phishing emails in July and those from June targeted an Adobe Flash vulnerability discovered in the Hacking Team files.The FBI memo says the vulnerability being leveraged in the phishing attacks is CVE-2015-5119, otherwise known as the vulnerability in Adobe Flash that was discovered by Hacking Team and made public after the company was breached earlier this month.From the memo: “The FBI has received information regarding a likely ongoing phishing campaign that started 08 July 2015 and was observed targeting US government agencies. This campaign is similar to a June campaign launched by similar malicious actors. In both campaigns, the e-mails contain a link that exploits Adobe Flash vulnerability CVE-2015-5119.”Hacking Team is an Italian company that sells intrusion and surveillance tools to governments and law enforcement agencies.However, their business has earned them a black mark from privacy and human rights organizations, as the company has been accused of selling tools and services to nations known for violent oppression. Earlier this month, someone published a 400GB cache of files taken from the company, which included emails, source code, and sales contracts. Among those files were exploits for Zero-Day vulnerabilities in Adobe Flash and Microsoft’s Internet Explorer.Last week, the first exploit for Flash was discovered by researchers in the leaked documents and it was immediately incorporated into the Neutrino and Angler exploit kits. Within 24-hours of notification, Adobe patched the flaw being targeted, but later in the week, two additional exploits were discovered. Adobe has since patched all three.In related news, Microsoft has patched the Internet Explorer vulnerability discovered by researchers within the leaked Hacking Team emails.The following Phishing emails were sent on July 8, from 125.227.139.53 (Taiwan – hinet.net)SUBJECT: BBW Analysis report- 2015SUBJECT: Tomorrow Morning New StartsSUBJECT: Perrydale Club for Leadership: Financial Literacy 101SUBJECT: FAS Analysis report-2015FROM: Alan Mertner “In June, similar malicious actors launched another phishing campaign targeting US Government Agencies and private sector companies involved in Information Technology/Telecommunications, Aerospace, Construction, Engineering and Transportation,” the memo states.June 8, 9, 11SUBJECT: AEP Energy Program Update: 2015 Program Year Kick OffSUBJECT: Review LinkSUBJECT: PLS Account A42660861FROM: Adam L Hannah FROM: Carrie Spencer LINK: hxxp://ml.r-u.org.ua/message/Moreover, the FBI says that traffic associated with the following IP addresses and domains should be analyzed for malware activity. bwxt.comdublincore.org125.227.139.53107.20.255.57Additional details are in the July 16 alert A-000062-PH Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe