Why Would APT Exploit Adobe?

January 12th, 2010 admin

After reading this statement from Adobe, they seem to be using the same language that described the Google v China incident:

"Adobe became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies. We are currently in contact with other companies and are investigating the incident."

Let’s assume, due to language and news timing, that it’s also APT. Why would APT exploit Adobe? Am I giving Adobe too much credit if I hypothesize that APT wanted to know more about Adobe’s product security plans, in order to continue exploiting Adobe’s products? If that is the case, who else might APT infiltrate? Should we start looking for similar announcements


Originally posted on TAOSecurity

 