Flash, malware and ransomware top list of online threats

Your humble browser has again been identified as the main vector for distributing malware across target machines.

A McAfee Labs threat report has highlighted two distinct threats, the first being Adobe’s Flash software platform which remains a constant thorn in the side of users who are hit by the double whammy of performance penalties and security issues.

Attacks based on it have increased threefold in the first quarter of the year as criminals move away from Oracle’s Java and Microsoft’s now-obsolete Silverlight.

More than 40 new Adobe Flash vulnerabilities were submitted to the National Vulnerability Database in the first quarter of the year with fixes issued by Adobe within 24 hours.

New threats coming

The current Adobe Flash beta, version 18, promises to bring a number of bug fixes and enhancements related to security, stability, performance and device compatibility.

McAfee Labs also identified the CTB Locker ransomware as another rising threat (up by 165 per cent in the first quarter of 2015), coercing victims to pay a ransom in order to get keys for their encrypted files.

Malware that can interfere with the firmware of storage devices was another potential threats identified Intel’s security business unit.

It found that the malware could be used to “reprogram the firmware in SSDs in addition to the previously-reported HDD reprogramming capability”, and remained persistent (and undetectable) even if the drives were reformatted and the OS reinstalled.