Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Adobe PDF Trojan Exploits Vulnerability Unearthed Just A Week Ago

Trusteer : 16 April, 2010  (Technical Article)
Embedded Trojan exploits Adobe vulnerability in zero-day attack aimed at users of Adobe PDF files
As predicted last week by Trusteer, a new variant of the Zbot/Zeus trojan has now arrived, embedded in an Adobe PDF file.

And, says Mickey Boodaei, CEO with the browser security and fraud prevention specialist, this week's warning by fellow security vendor Websense shows how quickly cybercriminals are exploiting these types of security issues.

'Just as a virus and malware prevention industry had to move swiftly to counter the so-called zero-day security threats as they started arriving around five years ago, so the industry must ratchet up its protection strategy once again to meet this expanded threat,' he said.

'We said last week that cybercriminals and hackers will try to exploit this structural Adobe issue using social engineering techniques, which lure Internet users into a false sense of feeling safe and that is exactly what has happened this week,' he added.

According to Boodaei, many of today's IT security solutions - such as antivirus and personal firewalls - rely on Internet users to make the right choice.

The problem is, he explained, that the applications present users with technical messages that are hard to understand and expect users to decide what to do with them.

'Acrobat Reader works in a similar fashion by expecting Internet users to understand the security implications of running an embedded file,' he said, adding that most users simply look for the easiest and quickest way of getting something done.

'They don't stop to think if every step they make is a reasonable behaviour,' he said.

Judging from the speed with why cybercriminals moved to exploit the Adobe PDF security issue, the Trusteer CTO says that it is now down to Internet users to take pro-active steps to protect their Internet surfing, and heed the advice of the growing number of financial plus allied Web sites to enhance their security.

The good news, he went on to say, is that a growing number of Web sites are now offering excellent security enhancement software - free of charge - that augments users' existing anti-virus and IT security applications.

'Applications like our own Rapport browser security layer, which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group can play a key part in making users' Internet sessions more secure,' he said.

'Protecting your online interests clearly involves users taking a multi-layered approach to their security. We hope our warning of last week will have helped a sizeable number of online users prevent this Adobe PDF security issue from spoiling their day and causing problems with their online financial services,' he added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo