“The latest Angler/Flash campaign hit its peak Jan. 28 and 29 with almost 1,400 infections over that 48-hour period before tapering off two days later.”
“This is another example of how Angler Exploit Kit continues to differentiate itself. It changes and evolves on a constant basis producing new variation on the existing exploits as well as providing enough customization on the recent vulnerability (CVE-2015-0311) to effectively avoid reliable detection”
Adobe released a patch for customers who had enabled auto-update for Flash on the desktop on Jan. 24 before releasing an out-of-band patch two days later. On Monday, another unrelated Flash zero day, the third in two weeks was patched in another emergency update.
See the full story at: http://threatpost.com/1800-domains-overtaken-by-flash-zero-day/110835