Imagine a cunning little 17th century Milanese pirate ship that hired out its warring strategies and resources to the great and powerful kings of the time so they could loot a lot of secret treasure from other ships.
Now imagine that this Milanese pirate ship was in turn attacked and pillaged by pirates who stole an enormous whack of booty in the shape of a casket containing 400,000 gold coins.
And that’s not the worst…

Then imagine that at the bottom of this casket of gold coins, the Milanese pirates had forgotten a highly confidential parchment. This parchment recorded all the details of the pirate ship’s attack strategies as well as a lot of personal information about the great kings that commissioned them.

Well… don’t imagine anymore, because, although this did not really happen in the 17th century, it did happen just a few days ago in another sort of pirate world, namely cyber-security.

This parchment in everyone’s hands in a flash

Truth is, the little Milanese pirate ship is actually a company called the Hacking Team which sells spyware to companies and governments. This spyware empowers clients not only to break the encryption used in emails, files and VoIP (Voice over IP) protocols, but to also remotely take control over the victim’s computers.

So, a total of 400 Gb of data was recently pirated from the Hacking Team, and, along with this data, its precious parchment in the shape of a file revealing how it exploited a zero-day vulnerability in Adobe Flash Player.
This zero-day vulnerability was used until now by the Hacking Team to infect the targets of their RCS (Remote Control System) spyware.

Remotely installed, this system enables the Team’s clients to remotely take control of their targets’ computers at any given moment. So you can imagine the even more dramatic impact of this vulnerability when it was made public by the pirates themselves.

Even though a vulnerability patch has recently been brought out, it doesn’t protect against other zero-day vulnerabilities that have since gone public. Therefore, we can safely say that corrective protection can never replace preventive protection against this sort of attack.

Be a good captain

Stormshield Endpoint security (SES) is a bit like the good captain’s best telescope against unforeseen attacks. Efficient and intuitive, our software can actually anticipate unforeseen behaviour and proactively block threats from the craftiest and most inventive pirates.
So, although the zero-day vulnerability we are talking about affects all versions of Flash including the 18.0.0.194 version, and has even been qualified as one of the most spectacular Flash vulnerabilities in the last four years, it cannot get through Stormshield Endpoint Security’s tightly-woven mesh.

In fact, even before the vulnerability was exploited by the Hacking Team and then broadcast after the pirate’s attack, the SES solution already protected clients against this threat involving Adobe Flash Player.
To cut a long story short, companies already using our solution can navigate in complete safety without any need to update their SES software looming on the horizon.

So what about the rest of you?
Before you lose your bearings and your precious parchments, contact us for more information on our Stormshield Endpoint Security product range by visiting us at www.stormshield.eu and, like any good captain would, protect your company’s treasures.

Sources
http://www.zdnet.fr/actualites/dans-les-tiroirs-de-hacking-team-une-faille-0day-flash-se-baladait-39822164.htm
http://www.macplus.net/depeche-84310-l-enorme-faille-de-flash-exploitee-par-hacking-team-se-repand
http://www.macplus.net/depeche-84270-hacking-team-la-societe-de-surveillance-italienne-mise-a-poil
http://surveillance.rsf.org/hacking-team/