Trusted Design

Killing a Zero-Day in the Egg: Adobe CVE-2016-1019

概要

On April 2, 2016, Proofpoint researchers discovered that the Magnitude exploit kit (EK) [1] was successfully exploiting Adobe Flash version 20.0.0.306. Because the Magnitude EK in question did not direct any exploits to Flash 21.0.0.182, we initially suspected that the exploit was for CVE-2016-1001 as in Angler [2], the combination exploit "CVE-2016-0998/CVE-2016-0984" [3], or CVE-2016-1010. In the course of our investigation, we shared our findings with fellow researchers in the security community in order to accelerate identification of the exploit. A colleague at FireEye determined [4] that the exploited vulnerability was unknown. Adobe was promptly notified of the issue, and they verified that although a mitigation integrated in 21.0.0.182 appeared to cause the exploit to fail, it was a previously unreported vulnerability and assigned it CVE-2016-1019 - See more at: https://www.proofpoint.com/us/threat-insight/post/killing-zero-day-in-the-egg#sthash.t5Hu0reG.dpuf

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Angler, Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit (score: 0.78)
Security Advisory for Adobe Flash Player (score: 0.77)
Latest Flash Exploit Used in Pawn Storm (score: 0.76)
CVE-2015-5122 Exploited in Strategic Web Compromise (score: 0.74)
Locky Ransomware Spreads via Flash and Windows Kernel Exploits (score: 0.73)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 7.50

Matched TTPs:

T1560.003 - Archive via Custom Method
T1140 - Deobfuscate/Decode Files or Information
T1668 - Exclusive Control

MITREへのリンク →

Scattered Spider

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Volt Typhoon

Score: 8.60

Matched TTPs:

T1560.003 - Archive via Custom Method
T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

APT3

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

FIN13

Score: 7.50

Matched TTPs:

T1560.003 - Archive via Custom Method
T1140 - Deobfuscate/Decode Files or Information
T1668 - Exclusive Control

MITREへのリンク →

Sandworm Team

Score: 5.31

Matched TTPs:

T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Storm-0501

Score: 5.31

Matched TTPs:

T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

APT28

Score: 11.38

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1542.004 - ROMMONkit
T1668 - Exclusive Control
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 8.35

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1668 - Exclusive Control
T1003.003 - NTDS

MITREへのリンク →

Ember Bear

Score: 8.35

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1668 - Exclusive Control
T1003.003 - NTDS

MITREへのリンク →

Medusa Group

Score: 4.22

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1128 - Netsh Helper DLL

MITREへのリンク →

Fox Kitten

Score: 4.50

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1542.004 - ROMMONkit

MITREへのリンク →

menuPass

Score: 4.50

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1542.004 - ROMMONkit

MITREへのリンク →

GALLIUM

Score: 4.22

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1668 - Exclusive Control

MITREへのリンク →

APT29

Score: 6.01

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1218.009 - Regsvcs/Regasm

MITREへのリンク →

RedCurl

Score: 9.91

Matched TTPs:

T1574.010 - Services File Permissions Weakness
T1542.004 - ROMMONkit
T1128 - Netsh Helper DLL

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1574.010 - Services File Permissions Weakness

MITREへのリンク →

Gamaredon Group

Score: 7.57

Matched TTPs:

T1061 - Graphical User Interface
T1542.004 - ROMMONkit

MITREへのリンク →

BRONZE BUTLER

Score: 3.03

Matched TTPs:

T1542.004 - ROMMONkit

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1542.004 - ROMMONkit

MITREへのリンク →

Chimera

Score: 5.78

Matched TTPs:

T1542.004 - ROMMONkit
T1668 - Exclusive Control

MITREへのリンク →

Velvet Ant

Score: 6.88

Matched TTPs:

T1128 - Netsh Helper DLL
T1566.003 - Spearphishing via Service

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1543.002 - Systemd Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.82

Matched TTPs:

T1566.003 - Spearphishing via Service
T1668 - Exclusive Control
T1542.004 - ROMMONkit
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

RedCurl

Score: 0.71

Matched TTPs:

T1128 - Netsh Helper DLL
T1542.004 - ROMMONkit
T1574.010 - Services File Permissions Weakness

MITREへのリンク →

Volt Typhoon

Score: 0.64

Matched TTPs:

T1560.003 - Archive via Custom Method
T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Ember Bear

Score: 0.60

Matched TTPs:

T1003.003 - NTDS
T1668 - Exclusive Control
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

APT41

Score: 0.58

Matched TTPs:

T1560.003 - Archive via Custom Method
T1668 - Exclusive Control
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Kimsuky

Score: 0.58

Matched TTPs:

T1003.003 - NTDS
T1668 - Exclusive Control
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

FIN13

Score: 0.57

Matched TTPs:

T1560.003 - Archive via Custom Method
T1668 - Exclusive Control
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Gamaredon Group

Score: 0.56

Matched TTPs:

T1542.004 - ROMMONkit
T1061 - Graphical User Interface

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る