Adobe's Flash Player took every position of the Top 10 of most attacked vulnerabilities through exploit kits, according to the security department of the NTT Group, the largest Japanese telecom provider.
While the Top 10 was previously dominated by Java leaks, two year later it's Adobe's Flash Player that takes the questionable lead. The number of attacked vulnerabilities on Java has heavily decreased while Flash Player is now a popular target for cybercriminals. The number of attacks on Internet Explorer remained pretty much the same.
The popularity of attacks on Adobe Flash is likely explained by the large number of vulnerabilities in the media player combined with the large number of users. Last year the number of discovered security leaks in Flash Player increased with 312% compared to 2014.
Java attacks heavily decreased and last year no new Java exploits were used by exploit kits. According to NTT, there are still many unpatched Java systems in companies. Exploit kits make use of unpatched software to automatically install malware on computers. A common practice is that cybercriminals use hacked websites or malicious advertisements to distribute exploit kits to users.
Also Internet Explorer remains a popular target, because its the the default browser on older Windows versions and is used by many in business environments. Another reason is that there is a continuous stream of new vulnerabilities discovered in the browser.
NTT advices users to install an adblocker to prevent attacks by exploit kits. Also applying security patches as soon as possible is advised.
