Watch out for flower-show.org
February 8th, 2010 admin

We saw a pretty PDF file today (md5: 116d92f036f68d325068f3c7bbf1d535). It looks like this: Nice flowers. Unfortunately, when the file is viewed, it uses an exploit against Adobe Reader and drops and runs a file called 1.exe. This executable is a Poison Ivy backdoor. It calls home to a host called cecon.flower-show.org. Whoever controls the computer












