Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Adobe PDF Trojan Exploits Vulnerability Unearthed Just A Week Ago

Trusteer : 16 April, 2010  (Technical Article)
Embedded Trojan exploits Adobe vulnerability in zero-day attack aimed at users of Adobe PDF files
As predicted last week by Trusteer, a new variant of the Zbot/Zeus trojan has now arrived, embedded in an Adobe PDF file.

And, says Mickey Boodaei, CEO with the browser security and fraud prevention specialist, this week's warning by fellow security vendor Websense shows how quickly cybercriminals are exploiting these types of security issues.

'Just as a virus and malware prevention industry had to move swiftly to counter the so-called zero-day security threats as they started arriving around five years ago, so the industry must ratchet up its protection strategy once again to meet this expanded threat,' he said.

'We said last week that cybercriminals and hackers will try to exploit this structural Adobe issue using social engineering techniques, which lure Internet users into a false sense of feeling safe and that is exactly what has happened this week,' he added.

According to Boodaei, many of today's IT security solutions - such as antivirus and personal firewalls - rely on Internet users to make the right choice.

The problem is, he explained, that the applications present users with technical messages that are hard to understand and expect users to decide what to do with them.

'Acrobat Reader works in a similar fashion by expecting Internet users to understand the security implications of running an embedded file,' he said, adding that most users simply look for the easiest and quickest way of getting something done.

'They don't stop to think if every step they make is a reasonable behaviour,' he said.

Judging from the speed with why cybercriminals moved to exploit the Adobe PDF security issue, the Trusteer CTO says that it is now down to Internet users to take pro-active steps to protect their Internet surfing, and heed the advice of the growing number of financial plus allied Web sites to enhance their security.

The good news, he went on to say, is that a growing number of Web sites are now offering excellent security enhancement software - free of charge - that augments users' existing anti-virus and IT security applications.

'Applications like our own Rapport browser security layer, which is offered as a free download by banks such as HSBC, RBS/NatWest and the Santander Group can play a key part in making users' Internet sessions more secure,' he said.

'Protecting your online interests clearly involves users taking a multi-layered approach to their security. We hope our warning of last week will have helped a sizeable number of online users prevent this Adobe PDF security issue from spoiling their day and causing problems with their online financial services,' he added.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo