5 Replies Latest reply on Aug 10, 2015 10:20 AM by jbmartin6

    Anyone else getting a huge uptick in heuristic Flash detections from gateway anti-malware engine?

    Regis

      Over the past few days I'm seeing a deluge of  detections from


      McAfeeGW: BehavesLike.Flash.Exploit.zl

      McAfeeGW: BehavesLike.Flash.Exploit.xg


       

      And common sites serving them up include (defanged with DOT and xx's) :

       

      hxxps://secure.DOT.insightexpressai.com/adserver/fscookie/fscookie.swf

       

      hxxps://s.DOT.adnxtr.com/2/4.11.1/chx.swf

       

      hxxp://s.DOT.update.rubiconproject.com/2/4.11.1/chx.swf

       

      hxp://choices.DOT.truste.com/get?name=jw.swf&cb=__tvcb__

       

      hxxp://s.DOT.tagsrvcs.com/2/4.11.1/chx.swf

       

      hxxp://files.DOT.provenpixel.com/video/sdk/px/OVVBeacon.swf?id=ovv491684515&inde x=13

       

       

      Virustotal is non-plussed by the URL's I've checked.   False positives, I presume?