Recently, Bromium reported that 2015 was a terrible year for Flash. According to their report, there was an impressive jump in the number of new vulnerabilities detected, as well as in off-the-shelf ready-available exploits.
Bromium concluded that when compared to 2014, security researchers reported a 60% increase in the number of newly discovered application vulnerabilities for 2015.
As usual, the biggest offender appeared to be Flash, which increased 333%, generally due to the Hacking Team data breach that exposed many zero-day bugs, all at the same time.
In addition, Flash made a 200% increase in the number of off-the-shelf exploits added to the Metasploit pen-testing / hacking framework, a toolkit often used by security researchers and malware builders alike.
“The architecture of Adobe’s AVM has multiple flaws allowing attackers to craft reliable exploitation techniques like ROP shellcode on the fly, thus bypassing ASLR, DEP and other protections,” Bromium researchers stated.
Besides, Flash was also the favorite tool for exploit kit builders, which deployed Flash exploits via their infection tools in 73% of the cases.
According to Bromium, Internet Explorer made a drop-off which can be explained by Microsoft’s efforts to add security measures such as isolated heap, Control Flow Guard, and sandboxing. However, the security landscape is not comprised by Flash security flaws alone.
Bromium’s research for 2015 also shows an increase in macro-malware, email spam, and especially crypto-ransomware.
According to Bromium’s estimates,10 million crypto-ransomware families were active at one point or another, with Cryptowall and TeslaCrypt being the most active. In general, in 2015 the number of ransomware strains grew 600% when compared to 2014.
Usually, ransomware was distributed via macro-malware and email spam. In addition, the security researchers pointed out the rise of Ransomware-as-a-Service operations like TOX and Crypto Locker Service (CLS).
