Video Screencast Help
Symantec Intelligence
Showing posts tagged with targeted attack
Showing posts in English
Tony Millington | 07 Dec 2011 | 1 comment

With contributions from Manoj Venugopalan, Senior Malware Analyst, Symantec

Introduction
A new day and a new zero day PDF exploit used in a Targeted attack which our Skeptic heuristic engine stopped. This one exploits a vulnerability in the 3D engine in Adobe Reader (CVE-2011-2462 http://www.adobe.com/support/security/advisories/a...) which is often used to display a 3D wire mesh object that you can rotate and view from all angles in real time. An architect might use it to mock up a plan for a building that the customer can view from within the PDF, very cool. However, the more functions you add to your software, the more chance there is to exploit the format.

Details
The targeted attack against Adobe Reader 9.4.6 on Windows was sent in 5 emails...

Paul Wood | 25 Feb 2011 | 0 comments

Posted on behalf of Jo Hurcombe AV Operations Engineer, Symantec.cloud

 

 

Today, I identified a new targeted attack that for the first time makes reference to a discussion on the economic stakes in Libya’s current Crisis.

The email itself is very simple and is designed to appear as part of a discussion about the economic stakes in Libya's current crisis, with the sender claiming to agree with points raised in the attached document, as seen in the example given below.

Example of targeted email

 

The first example of this targeted attack was intercepted by Symantec.cloud on February 24, 2011 at 12:52 GMT. These attacks were targeted in nature and in total 27 individuals were targeted within six organizations. The emails were sent from four separate domains. All of the organizations targeted are involved in...