Another day, another news, and well… another SEO Poisoning stint. Using PDF files in SEO poisoning is a bit recent, but not exactly fresh news.

See original here:
SEO Poisoning Sites Use Flash for Redirection

We’ve been seeing a gradual shift in malicious PDF file coding (no surprise there, we know malware authors can and do adapt their techniques). For a long time, we saw malicious PDF files that were simple enough to allow us to readily decipher the intent of the malicious code — shell code, download/execute, drop and load, et cetera. Now we’re seeing more and more complex obfuscation being used, which requires us to break down the PDF file.

Excerpt from:
Analyzing PDF Files

We saw a pretty PDF file today (md5: 116d92f036f68d325068f3c7bbf1d535). It looks like this: Nice flowers. Unfortunately, when viewing the file, it uses an exploit against Adobe Reader and drops and runs a file called 1.exe

More:
Watch out for flower-show.org

We just blogged about a highly targeted attack against military contractors. Now we saw one against the intelligence sector.

View post:
Intelligence sector hit by a targeted attack

Foxy Loxy by Gustaf Tenggren

Over the few last years, we’ve worked with dozens of companies who have been hit with targeted attacks , ie. espionage trojans. Not a single one of these companies went public with the information.

See the original post here:
Targeted Attacks Against Google

Every year the Web security community produces dozens of new hacking techniques documented in white papers, blog posts, magazine articles, mailing list emails, etc. Not to be confused with individual vulnerability instances brandishing CVE numbers, nor intrusions / incidents, but actual new methods of Web attack. Some techniques target websites, others Web browsers, and the rest somewhere in between.

More:
Top Ten Web Hacking Techniques of 2009 (Official)

After the holidays, spammers now are capitalizing on the upcoming tax season. Recently, Trend Micro threat analysts found spammed messages purporting to come from the Internal Revenue Service (IRS)

View original post here:
Bogus IRS W-2 Form Leads to Malware

Another PDF sample that exploits an unpatched vulnerability in Adobe Reader and Acrobat has been spotted in the wild. The sample (detected by Trend Micro as TROJ_PIDIEF.WIA ) uses the heap spray technique to execute shellcode in its stream. As a result, a malicious file detected as BKDR_POISON.UC is dropped into the system

Go here to see the original:
Unpatched Adobe Vulnerability Is Still Being Exploited in the Wild

Security researchers have unearthed a new vulnerability in both Adobe Acrobat and Reader . Adobe has acknowledged the presence of the said vulnerability although it has not gone public with more specific details. Researchers believe version 9.2 and earlier of Adobe Acrobat and Reader are affected by this vulnerability

Read the original post:
New Adobe Zero-Day Vulnerability Again