There has been massive increase in targeted attacks in last few months. Malware writers prefer to infect victims using vulnerabilities in Microsoft Products and Adobe. There has been increase in MS/Adobe 0-days that helps malware hop from one machine to another with its payload which most of the times reports to a botnet. Social networking websites like Twitter and Facebook are becoming prime source for attackers to carry targeted attacks. Recently Mcafee published a report on 2010 Threat prediction: http://www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_pred ict_1209_v2.pdf
Recently, we also found similar mass attack using MS Word vulnerability and detailed report has been published here: http://torridnetworks.com/index.php/case-studies/50-information-security/139 -malware-analysis-report-for-a-targeted-attack-via-word-document-carried-out -against-few-sensitive-email-accounts-belonging-to-elite-customer-of-torrid. html Also, many corporate are coming up with social media policy for all their employees while using social networking portals which I think makes lot of sense to protect corporate from identity theft. Is there something similar happening at your organization as well? Many Thanks, Dhruv
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
