funsec mailing list archives

Re: Adobe investigates sophisticated corporate network security issue


From: Paul Ferguson <fergdawgster () gmail com>
Date: Wed, 13 Jan 2010 11:48:05 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Jan 13, 2010 at 11:39 AM, Paul Ferguson <fergdawgster () gmail com>
wrote:


On Wed, Jan 13, 2010 at 11:35 AM, Joel Esler <eslerj () gmail com> wrote:

yeah, but that doesn't tell me how the attack took place, from a
technical standpoint.  :)

There is pretty clear evidence that someone (more than one someone,
apparently) opened an attachment they shouldn't have, as described here:

http://www.f-secure.com/weblog/archives/00001854.html


One additional note: some of the latest PDF exploits lead to a Trojan which
includes a backdoor, very much like Poison Ivy, a very popular RAT in the
Chinese hacker underground.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFLTiNwq1pz9mNUZTMRAnJ2AJ0X0cJXqjhYRcyezG8SaMzhA8VdCACcCVqU
w5i/ePI0dLhHKOGJ0Cbjxnw=
=KYR9
-----END PGP SIGNATURE-----



-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

