Tag Archives: PDF

Malware authors go a step further to access bank accounts

Malware authors like to play hide-and-seek. Social engineering tactics and hiding executable files inside trusted PDFs and Microsoft Office documents then emailing them as attachments are nothing new, but sometimes this one layer isn’t enough. This Avast Virus Lab analysis peels back the layers of a new threat. Malware authors continually surprise us with their creativity. […]

PDF invoices may cost more than you expect

      No Comments on PDF invoices may cost more than you expect

Misspelled invoice email claims to be looking for payment but steals confidential information instead.

Misspelled invoice email claims to be looking for payment but steals confidential informatio…

Las facturas PDF te pueden costar más de lo que crees

Circulan correos con facturas mal escritas que reclaman pagos pero que, en el fondo, roban información

Las facturas en formato PDF enviadas por correo electrónico se han vuelto muy populares en el mundo de los negocios actual, pero si no se toman las debidas precauciones, este tipo de archivos podría generar algunas dificultades a los usuarios. Por ejemplo, recibir estas facturas sin verificar la autenticidad del destinatario podría comprometer el equipo y poner en peligro la información confidencial de los usuarios.

The Dangers of a Royal Baby: Scams Abound

Big news stories are always an opportunity for scammers and spammers, who attempt to redirect users to malicious exploit kits or other unwanted services. Britain’s royal baby is the latest news to offer cover for malware. We have already found a lot of spam messages regarding the birth and baby that lead users to the Read more…

Emerging ‘Stack Pivoting’ Exploits Bypass Common Security

[This blog was primarily written by Xiaoning Li of Intel Labs, with assistance from Peter Szor of McAfee Labs.] In February 2013, the Adobe Product Security Incident Response Team (PSIRT) released security advisory APSA13-02. In that report they listed two vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that were widely exploited. At Intel Labs and McAfee Labs we Read more…

Tracking PDF Usage Poses a Security Problem

Looking back this year’s RSA Conference, you might have the feeling that the current threat landscape is primarily a series of advanced attacks. This concept includes well-known advanced persistent threats (APTs) and zero-day vulnerability exploits. To respond to this trend in threats, McAfee Labs has launched several innovative projects, one of which we call the Read more…

Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit

As promised in our previous blog entry for the recent Adobe Reader PDF zero-day attack, we now offer more technical details on this Reader “sandbox-escape” plan. In order to help readers understand what’s going on there, we first need to provide some background. Adobe Reader’s Sandbox Architecture The Adobe Reader sandbox consists of two processes: Read more…