Read more about PDF
Bookmark and Share
  • Zero-day Adobe Reader flaw exploited in ongoing attacks

    07.12.2011

    Adobe has issued a security advisory notifying users about a newly discovered and still unpatched vulnerability in Adobe Reader and Adobe Acrobat which has been spotted being used in "limited, targeted attacks in the wild".

  • Adobe patches 14 holes in Reader and Acrobat

    14.09.2011

    Adobe has issued new versions of Reader and Acrobat, patching 14 vulnerabilities.

  • U.S. military contractors targeted with malicious PDFs

    19.07.2011

    The last few months have seen a lot of cyber attacks aimed at U.S.

  • PDF-Pro multiple vulnerabilities

    02.03.2011

    Several vulnerabilities in PDF-Pro can be exploited by malicious people to compromise a user's system, according to Secunia.

  • Malware family integration across botnets

    01.03.2011

    Analysis by Symantec reveals that in February, 1 in 290.1 emails (0.345%) was malicious making February among the most prolific time periods both in terms of simultaneous attacks and malware family integration across Zeus (aka Zbot), Bredolab and SpyEye.\r\n\r\n\r\nAlso in February, there were at least 40 variants of malware associated with the Bredolab Trojan, accounting for at least 10.3 percent of email-borne malware blocked by MessageLabs Intelligence in February. These latest findings reveal that contrary to recent beliefs, Bredolab is not dead and techniques previously associated with Bredolab malware have now become more common among other major malware families.\r\n\r\nSince the end of January, MessageLabs Intelligence has tracked significant volumes of collaborative attacks that make use of well-timed and carefully crafted targeted techniques. As February began, the attacks increased in number and these malware families were used aggressively to conduct simultaneous attacks via propagation techniques, signaling the likelihood of a common origin for these infected emails.\r\n\r\n\r\nAlthough the vast majority of attacks were related to Zeus and SpyEye, many of the attacks share commonalities with the well-known Bredolab Trojan, indicating some of the features associated with Bredolab were being used by Zeus and SpyEye.\r\n\r\nAll of these attacks made use of a ZIP archive attachment that contained an executable comprising the malware code. In February, 1.5% of malware blocked comprised ZIP archive attachments and further analysis revealed that 79.2% of this was connected with the latest wave of Bredolab, Zeus and SpyEye attacks.\r\n\r\nOver the past year, malicious executable files have increased in frequency along with PDF files, the most popular file format for malware distribution. PDFs now account for a larger proportion of document file types used as attack vectors.\r\n\r\nIn 2009, approximately, 52.6 percent of targeted attacks used PDF exploits, compared with 65 percent in 2010, an increase of 12.4 percent. Despite a downturn this month, if the trend were to continue as it has over the past year, 76 percent of targeted malware could be used for PDF-based attacks by mid-2011.\r\n\r\nGeographical trends:China became the most spammed in February with a spam rate of 86.2 percent.In the US and Canada, 81.4 percent of email was spam. Spam levels in the UK were 81.1 percent.In The Netherlands, spam accounted for 82.2 percent of email traffic, while spam levels reached 81.2 percent in Germany, 81.7 percent in Denmark and 81.0 percent in Australia.Spam levels in Hong Kong reached 82.8 percent and 80.4 percent in Singapore. Spam levels in Japan were 78.5 percent. In South Africa, spam accounted for 81.6 percent of email traffic.South Africa remained the most targeted by email-borne malware with 1 in 81.8 emails blocked as malicious in February.In the UK, 1 in 139.0 emails contained malware. In the US virus levels were 1 in 713.6 and 1 in 328.8 for Canada.




Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //