#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Adobe Reader

Australian medical centre infected with Ransomware Malware demanding $4000 to Unlock

Australian medical centre infected with Ransomware Malware demanding $4000 to Unlock
Dec 10, 2012
A Gold Coast, Australian medical centre computers are infected with some ransom malware by a group of Russian hackers . The hackers encrypted the practice's patient database, demanding payment of $4000 for the files to be decrypted. " Cyber criminals based mainly throughout Eastern Europe look for rich targets, places with identifying information to extort, " Mr Phair, director of the Centre for Internet Safety and a former investigator with the Australian High-Tech Crime Centre. There have been 11 similar offences in Queensland this year, according to police. David Wood, Miami Family Medical Centre's co-owner said, " We've got all the anti-virus stuff in place - there's no sign of a virus. They literally got in, hijacked the server and then ran their encryption software ". The server with encrypted information is being held offline and an IT contractor is working with the practice to restore a backup of patient records. IT security exper

Adobe Reader zero-day vulnerability with modified Blackhole Exploit-Kit

Adobe Reader zero-day vulnerability with modified Blackhole Exploit-Kit
Nov 08, 2012
Group-IB , a Russian cybercrime investigation company has discovered a zero-day vulnerability, affects Adobe Reader X and Adobe Reader XI. The vulnerability is also included in new modified version of Blackhole Exploit-Kit , which is used for the distributing the banking Trojans (Zeus, Spyeye, Carberp, Citadel) with the help of exploitation different vulnerabilities in client-side software. The particular exploit is available in underground forums for as much as $50,000 and bug is dangerous because it permits cybercriminals to run arbitrary shellcode by bypassing the sandbox feature integrated into the more recent versions of Adobe Reader. For now this flaw is distributed only in only small circles of the underground but it has the potential for much larger post-exploitation methods. The exploit is limited to  Microsoft Windows installations of Adobe Reader and it can't be fully executed until the user closes his Web browser (or Reader). Adobe representatives said that

Firefox 17 Beta Released with Click-to-Play Plugins for blocking vulnerable Plugins

Firefox 17 Beta Released with Click-to-Play Plugins for blocking vulnerable Plugins
Oct 12, 2012
Last week, Mozilla announced it will prompt Firefox users on Windows with old versions of Adobe Reader, Adobe Flash, and Microsoft Silverlight, but refused to detail how the system will work. Finally today  Firefox 17 is now in beta and with it is a very cool feature, click-to-play plugins. When a user lands on a site that requires the use of a plugin, say Adobe Flash, if the version running in the user's browser is on the list of known vulnerable applications, Mozilla will disable it and show the user a message saying that she needs to update the plugin. " By combining the safety of the blocklist with the flexibility of click-to-play, we now have an even more effective method of dealing with vulnerable or out-of-date plugins. " Mozilla wrote on blog. Mozilla is still working on implementing the controls, which would allow you to block all plugins by default and then pick where you want them to run. As already mentioned, this feature will be enabled by
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.