In the past year, exploit kit makers have switched from targeting Java security flaws to exclusively exploiting weaknesses in the Adobe Flash Player, a recent report from the NTT group shows.
The security firm claims that all of the top 10 vulnerabilities targeted by exploit kits during 2015 were Flash flaws. According to historical records kept by the NTT Group, 2015 was the first year when exploit kits used more Flash flaws compared to Java, which almost disappeared from exploit kits altogether.
This change in trends comes after Java was 2012, 2013, and 2014's most targeted technology via exploit kit vulnerabilities. Besides Flash, in 2015, the second and third most targeted technologies were Internet Explorer and Microsoft Windows.
The reason behind this trend is because of the massive security updates Java received in 2014 which made exploitation much difficult. Hackers turned their focus on Flash, which saw four zero-days in 2015 only from the Hacking Team data breach alone.
