Trusted Design

Killing a Zero-Day in the Egg: Adobe CVE-2016-1019

概要

On April 2, 2016, Proofpoint researchers discovered that the Magnitude exploit kit (EK) [1] was successfully exploiting Adobe Flash version 20.0.0.306. Because the Magnitude EK in question did not direct any exploits to Flash 21.0.0.182, we initially suspected that the exploit was for CVE-2016-1001 as in Angler [2], the combination exploit "CVE-2016-0998/CVE-2016-0984" [3], or CVE-2016-1010. In the course of our investigation, we shared our findings with fellow researchers in the security community in order to accelerate identification of the exploit. A colleague at FireEye determined [4] that the exploited vulnerability was unknown. Adobe was promptly notified of the issue, and they verified that although a mitigation integrated in 21.0.0.182 appeared to cause the exploit to fail, it was a previously unreported vulnerability and assigned it CVE-2016-1019 - See more at: https://www.proofpoint.com/us/threat-insight/post/killing-zero-day-in-the-egg#sthash.t5Hu0reG.dpuf

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Angler, Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit (score: 0.78)
Security Advisory for Adobe Flash Player (score: 0.77)
Latest Flash Exploit Used in Pawn Storm (score: 0.76)
CVE-2015-5122 Exploited in Strategic Web Compromise (score: 0.74)
Locky Ransomware Spreads via Flash and Windows Kernel Exploits (score: 0.73)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 7.50

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash

MITREへのリンク →

Scattered Spider

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

Volt Typhoon

Score: 8.60

Matched TTPs:

T1069 - Permission Groups Discovery
T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application

MITREへのリンク →

APT3

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

FIN13

Score: 7.50

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash

MITREへのリンク →

Sandworm Team

Score: 5.31

Matched TTPs:

T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Storm-0501

Score: 5.31

Matched TTPs:

T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application

MITREへのリンク →

APT28

Score: 11.38

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1039 - Data from Network Shared Drive
T1550.002 - Pass the Hash
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Kimsuky

Score: 8.35

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash
T1588.005 - Exploits

MITREへのリンク →

Ember Bear

Score: 8.35

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash
T1588.005 - Exploits

MITREへのリンク →

Medusa Group

Score: 4.22

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Fox Kitten

Score: 4.50

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1039 - Data from Network Shared Drive

MITREへのリンク →

menuPass

Score: 4.50

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1039 - Data from Network Shared Drive

MITREへのリンク →

GALLIUM

Score: 4.22

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash

MITREへのリンク →

APT29

Score: 6.01

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1090.004 - Domain Fronting

MITREへのリンク →

RedCurl

Score: 9.91

Matched TTPs:

T1056.002 - GUI Input Capture
T1039 - Data from Network Shared Drive
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1056.002 - GUI Input Capture

MITREへのリンク →

Gamaredon Group

Score: 7.57

Matched TTPs:

T1001 - Data Obfuscation
T1039 - Data from Network Shared Drive

MITREへのリンク →

BRONZE BUTLER

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Chimera

Score: 5.78

Matched TTPs:

T1039 - Data from Network Shared Drive
T1550.002 - Pass the Hash

MITREへのリンク →

Velvet Ant

Score: 6.88

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1608.006 - SEO Poisoning

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.82

Matched TTPs:

T1039 - Data from Network Shared Drive
T1190 - Exploit Public-Facing Application
T1211 - Exploitation for Defense Evasion
T1550.002 - Pass the Hash

MITREへのリンク →

RedCurl

Score: 0.71

Matched TTPs:

T1039 - Data from Network Shared Drive
T1056.002 - GUI Input Capture
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Volt Typhoon

Score: 0.64

Matched TTPs:

T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application
T1069 - Permission Groups Discovery

MITREへのリンク →

Ember Bear

Score: 0.60

Matched TTPs:

T1588.005 - Exploits
T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash

MITREへのリンク →

APT41

Score: 0.58

Matched TTPs:

T1550.002 - Pass the Hash
T1190 - Exploit Public-Facing Application
T1069 - Permission Groups Discovery

MITREへのリンク →

Kimsuky

Score: 0.58

Matched TTPs:

T1588.005 - Exploits
T1190 - Exploit Public-Facing Application
T1550.002 - Pass the Hash

MITREへのリンク →

FIN13

Score: 0.57

Matched TTPs:

T1550.002 - Pass the Hash
T1190 - Exploit Public-Facing Application
T1069 - Permission Groups Discovery

MITREへのリンク →

Gamaredon Group

Score: 0.56

Matched TTPs:

T1001 - Data Obfuscation
T1039 - Data from Network Shared Drive

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る