Adobe is expected to issue a patch for a vulnerability its Flash Player today to address a zero-day that was included in the Hacking Team data dump. In the meantime, @SwiftOnSecurity sounded the alarm last night with instructions how to protect yourself:
TRANSLATION: Worst-case scenario is now in play – HT Flash 0day with NO patch is now being used to deliver Cryptolockers via exploit kits
— InfoSec Taylor (@SwiftOnSecurity) July 8, 2015
TRANSLATION: This means you can get a Cryptolocker/virus just by browsing the web with a fully-patched machine RIGHT NOW. Take action above. — InfoSec Taylor (@SwiftOnSecurity) July 8, 2015
[!] ACTION REQUIRED: Set Flash as Click to Play in all your browsers. Here’s easy all-in-one guide via @howtogeek | http://t.co/8IMLeW09nx
— InfoSec Taylor (@SwiftOnSecurity) July 8, 2015