Copyright © 2000-2010, Solutionary, Inc. Current Adobe Exploits: 2 different exploits in play. “Here you have”, “Just for you”. No Advisory – PDF Masking.

Presentation transcript:

Current Adobe Exploits
* 2 different exploits in play
  * “Here you have”, “Just for you”
    * No Advisory – PDF Masking
  * “David Leadbetter’s One Point Lesson”
    * Adobe advisory CVE
* Both delivered via and web-site access
* Both result in
  * unintended code execution
  * additional mal-ware to be installed

Current Adobe Exploits
* “Here you have”, “Just for you”
  * - McAfee
  * Classic bait-n-switch spam
  * Click on PDF or WMV get SCR or EXE
  * Shuts down security software
  * Installs to Windows directory as CSRSS.EXE
  * Drops .JPG.SCR files on network shares user has access to
* “David Leadbetter’s One Point Lesson”
  * Advisory CVE (empty as of last night)
  * Actually uses PDF file – Very sophisticated ROP sled
  * Executes Javascript within file to cause exploit
  * Uses buffer overflow in cooltype.dll to get the ball rolling
  * Utilizes stolen Verisign certificate issued to secure2.ccuu.com
  * Bypasses ASLR & DEP using icucnv36.dll (Unicode)
  * Creates several files including iso88591, igxfver.exe, wincrng.exe, hlp.cpl

Mitigation
* Aggressive AV/AS on gateways and end-points
* Block attachments using gateways / IPS
  * Exploit shell-code based blocking
  * Attachment blocking etc.
  * Subject line blocking
* Consider Alternatives: Foxitsoftware.com
  * Smaller, tighter
  * Has had security issues, very responsive to fixing them
* End-point Hardening
  * Disable Javascript within Adobe Acrobat
    * Edit -> Preferences -> Javascript -> Uncheck
  * Vulnerability patching / end-point hardening
* Security Awareness
  * Treat all unsolicited with PDF or ANY attachments with extreme caution!
* Incident Identification / Response
  * How quickly can you react? What steps will you take?
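An added example, not part of the original slides: a gateway-side attachment check in Python that combines two of the mitigations above, blocking double-extension executables such as .JPG.SCR and quarantining PDFs that carry JavaScript or auto-run actions. The extension lists, function names and sample PDF bytes are assumptions made for illustration.

```python
import re

# Extensions Windows runs directly (.scr screensavers are ordinary PE files).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "cpl", "bat", "cmd"}
# Harmless-looking extensions used as the decoy half of a double extension.
DECOY_EXTS = {"pdf", "wmv", "jpg", "jpeg", "doc", "txt"}
# PDF names that mark scripts or actions that run without a user choosing to.
ACTIVE_PDF_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch")

# Constructed sample: PDF fragment whose /JavaScript name is hex-escaped.
SAMPLE_PDF = (b"%PDF-1.6\n1 0 obj<</Type/Catalog/OpenAction 2 0 R>>endobj\n"
              b"2 0 obj<</S/J#61vaScript/JS 3 0 R>>endobj\n")


def masked_executable(filename):
    """True for names like 'photo.JPG.SCR': decoy extension, then executable."""
    # Windows drops trailing dots and spaces, so strip them before splitting.
    parts = filename.lower().rstrip(". ").split(".")
    return (len(parts) >= 3 and parts[-1] in EXECUTABLE_EXTS
            and parts[-2] in DECOY_EXTS)


def pdf_active_content(data):
    """Return the active-content names found in raw PDF bytes."""
    # Undo #xx escapes first so /J#61vaScript is seen as /JavaScript.
    decoded = re.sub(rb"#([0-9A-Fa-f]{2})",
                     lambda m: bytes([int(m.group(1), 16)]), data)
    # A name ends at a delimiter, so /JS must not match a longer name.
    return [name.decode() for name in ACTIVE_PDF_NAMES
            if re.search(re.escape(name) + rb"(?![A-Za-z0-9])", decoded)]


def verdict(filename, data):
    """Gateway decision for one attachment as (action, reason)."""
    ext = filename.lower().rstrip(". ").rsplit(".", 1)[-1]
    if masked_executable(filename):
        return ("block", "executable behind decoy extension")
    if ext in EXECUTABLE_EXTS:
        return ("block", "executable attachment")
    # The %PDF- header may sit anywhere in the first 1024 bytes.
    found = pdf_active_content(data) if b"%PDF-" in data[:1024] else []
    if found:
        return ("quarantine", "PDF active content: " + ", ".join(found))
    return ("allow", "")


if __name__ == "__main__":
    print(verdict("holiday.JPG.SCR", b"MZ"))
    print(verdict("lesson.pdf", SAMPLE_PDF))
```

A name scan like this misses objects stored inside compressed object streams, so a clean result does not prove a PDF is free of JavaScript; a production filter would inflate streams before matching.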

Disabling Javascript in Acrobat