-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jan 13, 2010 at 11:39 AM, Paul Ferguson <[email protected]> wrote:
> > On Wed, Jan 13, 2010 at 11:35 AM, Joel Esler <[email protected]> wrote: > >> yeah, but that doesn't tell me how the attack too place, from a >> technical standpoint. :) > > There is pretty clear evidence that someone (more than one someone, > apparently) opened an attachment they shouldn't have, as described here: > > http://www.f-secure.com/weblog/archives/00001854.html > One additional note: some of the latest PDF exploits lead to a Trojan which includes a backdoor, very much like Poison Ivy, a very popular RAT in the Chinese hacker underground. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLTiNwq1pz9mNUZTMRAnJ2AJ0X0cJXqjhYRcyezG8SaMzhA8VdCACcCVqU w5i/ePI0dLhHKOGJ0Cbjxnw= =KYR9 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
