What's happening: Cybercriminals broke into an online comic strip syndication service Thursday, embedding malicious code that sought to exploit a newly discovered security flaw in Adobe Reader and Acrobat.
What it means: Visitors to websites serving comics from King Features are at risk of having their PCs taken over by malware on the websites designed to exploit the recently discovered flaw in Acrobat Reader. Most antivirus programs will fail to detect the malware attack.
More strategically, the story illustrates the imagination and creativity that cybercriminals bring to their work. Like lions in the jungle, cybercriminals are on the prowl, looking for any sign of weakness they can exploit.
What to Do: Tactically: disable Javascript as described in our previous blog post. Be on the alert for a patch from Adobe. Implement an intrusion detection and prevention system.
Strategically: Make sure you're staying ahead of the cybercriminals as the risk of falling behind continues to grow.
**********************************
Hackers exploit Adobe Reader flaw via comic strip syndicate
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
►
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
- ► April 2010 (39)
- ► March 2010 (65)
- ► February 2010 (38)
- ► January 2010 (27)
-
▼
2009
(83)
-
▼
December 2009
(17)
- USA Today: Cybercrooks stalk small businesses that...
- Apple issues security updates for Mac OS X
- GSM Cell Phone Encryption Broken
- Cloud Computing Security
- Howard Schmidt - Information Systems Security Ass...
- Hackers exploit Adobe Reader flaw via comic strip ...
- Web Attack on Twitter Demonstrates Deep Internet Risk
- Hackers target unpatched Adobe Reader, Acrobat flaw
- Viruses That Leave Victims Red in the Facebook
- In Shift, U.S. Talks to Russia on Internet Security
- Security Alert: Check your Facebook 'privacy' sett...
- Zeus crimeware appears to be using Amazon's EC2 as...
- Brian Krebs, Washington Post Journalist, Named Cyb...
- Critical updates for Adobe Flash, Microsoft Windows
- Cisco Publishes 2009 Annual Security Report
- La. firm sues Capital One after losing thousands i...
- Phishers angling for Web site administrators
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
-
▼
December 2009
(17)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com