Read more about PDF
Bookmark and Share
  • Zero-day Adobe Reader flaw exploited in ongoing attacks


    Adobe has issued a security advisory notifying users about a newly discovered and still unpatched vulnerability in Adobe Reader and Adobe Acrobat which has been spotted being used in "limited, targeted attacks in the wild".

  • Adobe patches 14 holes in Reader and Acrobat


    Adobe has issued new versions of Reader and Acrobat, patching 14 vulnerabilities.

  • U.S. military contractors targeted with malicious PDFs


    The last few months have seen a lot of cyber attacks aimed at U.S.

  • PDF-Pro multiple vulnerabilities


    Several vulnerabilities in PDF-Pro can be exploited by malicious people to compromise a user's system, according to Secunia.

  • Malware family integration across botnets


    Analysis by Symantec reveals that in February, 1 in 290.1 emails (0.345%) was malicious making February among the most prolific time periods both in terms of simultaneous attacks and malware family integration across Zeus (aka Zbot), Bredolab and SpyEye.\r\n\r\n\r\nAlso in February, there were at least 40 variants of malware associated with the Bredolab Trojan, accounting for at least 10.3 percent of email-borne malware blocked by MessageLabs Intelligence in February. These latest findings reveal that contrary to recent beliefs, Bredolab is not dead and techniques previously associated with Bredolab malware have now become more common among other major malware families.\r\n\r\nSince the end of January, MessageLabs Intelligence has tracked significant volumes of collaborative attacks that make use of well-timed and carefully crafted targeted techniques. As February began, the attacks increased in number and these malware families were used aggressively to conduct simultaneous attacks via propagation techniques, signaling the likelihood of a common origin for these infected emails.\r\n\r\n\r\nAlthough the vast majority of attacks were related to Zeus and SpyEye, many of the attacks share commonalities with the well-known Bredolab Trojan, indicating some of the features associated with Bredolab were being used by Zeus and SpyEye.\r\n\r\nAll of these attacks made use of a ZIP archive attachment that contained an executable comprising the malware code. In February, 1.5% of malware blocked comprised ZIP archive attachments and further analysis revealed that 79.2% of this was connected with the latest wave of Bredolab, Zeus and SpyEye attacks.\r\n\r\nOver the past year, malicious executable files have increased in frequency along with PDF files, the most popular file format for malware distribution. PDFs now account for a larger proportion of document file types used as attack vectors.\r\n\r\nIn 2009, approximately, 52.6 percent of targeted attacks used PDF exploits, compared with 65 percent in 2010, an increase of 12.4 percent. Despite a downturn this month, if the trend were to continue as it has over the past year, 76 percent of targeted malware could be used for PDF-based attacks by mid-2011.\r\n\r\nGeographical trends:China became the most spammed in February with a spam rate of 86.2 percent.In the US and Canada, 81.4 percent of email was spam. Spam levels in the UK were 81.1 percent.In The Netherlands, spam accounted for 82.2 percent of email traffic, while spam levels reached 81.2 percent in Germany, 81.7 percent in Denmark and 81.0 percent in Australia.Spam levels in Hong Kong reached 82.8 percent and 80.4 percent in Singapore. Spam levels in Japan were 78.5 percent. In South Africa, spam accounted for 81.6 percent of email traffic.South Africa remained the most targeted by email-borne malware with 1 in 81.8 emails blocked as malicious in February.In the UK, 1 in 139.0 emails contained malware. In the US virus levels were 1 in 713.6 and 1 in 328.8 for Canada.


Nine patterns make up 92 percent of security incidents

Posted on 23 April 2014.  |  Researchers have found that 92 percent of the 100,000 security incidents analyzed over the past ten years can be traced to nine basic attack patterns that vary from industry to industry.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Thu, Apr 24th