— the blog of Webguide: an inspiration and toolkit for community groups

Beware of PDF Download email

This just arrived in my in-box. I wouldn't touch it with a barge pole. The link goes to www.adobe-pdf-download.org and the name of the company in item 1 is misspelled.

Subject: Download Adobe PDF Reader For Windows

Dear valued customers,
Adobe PDF is pleased to announce new version for PDF Reader which enable you to view, create, edit  and print PDF documents. The PDF format as a global exchange document format is created by Adobe and is the most efficient way to exchange information.

You can simply follow the following instructions to make your PDF Reader/Writer most updated.

1. Visit Abode PDF website.

2. Download new version of Adobe PDF and get your application updated.

Thank you for choosing us, the worldwide leader PDF Reader.

Adobe PDF

Copyright Adobe PDF


January 4, 2010   3 Comments

PDF Reader very unsafe – disable or replace urgently

Most of us open and read PDF attachments or downloads (our banks and government departments produce many documents for download this way) despite the fact that the security of the Adobe Acrobat reader has long been suspect. But now the company has confirmed that it is positively unsafe. Ryan Naraine at ZDNet has the full story: Adobe confirms PDF zero-day attacks. Disable JavaScript now

Malicious hackers are exploiting a zero-day (unpatched) vulnerability in Adobe’s ever-present PDF Reader/Acrobat software to hijack data from compromised computers.

According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild.

The company has activated its security response process but declined to offer any more details until an investigation is complete.

Unfortunately, the company did not provide any mitigation guidance for customers.

The folks at ShadowServer describe the situation as “very bad.”

We did not discover this vulnerability but have received multiple reports of this issue and have examined multiple different copies of malicious PDFs that exploit this issue. This is legit and is very bad.

Here’s what we know so far:

We can tell you that this exploit is in the wild and is actively being used by attackers and has been in the wild since at least December 11, 2009. However, the number of attacks are limited and most likely targeted in nature. Expect the exploit to become more wide spread in the next few weeks and unfortunately potentially become fully public within the same timeframe. We are fully aware of all the details related to the exploit but do not plan to publish them for a few reasons:

1. There currently is no patch or update available that completely protects against this exploit.
2. There is little to no detection of these malicious PDF files from most of the major Antivirus vendors.

With that said we can tell you that this vulnerability is actually in a JavaScript function within Adobe Acrobat [Reader] itself. Furthermore the vulnerable JavaScript is obfuscated inside a zlib stream making universal detection and intrusion detection signatures much more difficult.

In the interim, Adobe PDF Reader/Acrobat users are urged to immediately disable JavaScript [as follows]:

Open Acrobat and Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat JavaScript

Or, better yet, use an alternative PDF Reader software program.

I use one called Foxit that works perfectly well; it also has a paid version called Foxit Pro that enables me to edit most PDF files except those locked with password protection. Although there's a learning curve, it's very handy.

December 16, 2009   4 Comments

Firefox has multiple download flaws – update on the way

Ryan Naraine at ZDNet has the full technical details, but for most of us, the short form is that Mozilla’s flagship Firefox browser is vulnerable to at least 11 “critical” vulnerabilities that expose users to drive-by download attacks that require no user interaction beyond normal browsing. Firefox hit by multiple drive-by download flaws

October 29, 2009   No Comments

Web security worse than ever, and deteriorating – IBM

I always take the "hair on fire" approach to these issues with a grain of salt, especially when the reporter has something to gain from it. But writing off the latest from IBM X-Force Security Report Calls Web Insecure would be a mistake.

October 27, 2009   No Comments

Spotting the scareware

Scareware is just another form of social engineering, trying to get you and me to install malware by the easiest route, the one between our eyes and our fingertips without the brain detour.

Like this in my email this morning:

From: File Error Notification <ancomb@edarelo.com>
Subject: New Update to fix Windows File Errors

File Error Notification - Instructions To fix File Errors in your Registry:

Your PC may be suffering from serious file errors in your WINDOWS registry which may be the reason why your PC is running so slow, or crashing and freezing from time to time. Also, these can lead to major system problems and possible memory leaks.

Below are instructions that will enable you to Increase Your Computer's Speed, Power, Stability and Reliability in just a few minutes.

Press below to launch the Diagnostics Test download for no cost at all:
LINK DELETED

Once again, there are NO OBLIGATIONS for this FREE OFFER that includes our FREE Software, FREE Analysis, FREE Report and 24 Hour Support !

If after completing the free Diagnostic Test it is brought to your attention that your computer's registry does contain file "errors", then it may be in your computer's best interest to fix the potentially harmful file errors in your registry.

Press below to launch the Diagnostics Test download now:
LINK DELETED

To not receive future offers/promotions from "Error Nuker" please press on
the below link:
LINK DELETED

Or send us a letter at:

6965 El Camino Real
Suite 105 - 698
La Costa, CA 92009

We never send unsolicited email. You are receiving
this promotion on behalf of one of our partners. If you feel that
you are receiving this email in error or are not interested in receiving
future offers please go to LINK DELETED
, or contact
us via regular mail at 6965 El Camino Real 105-698 La Costa, CA 92009. We are not
responsible for third party offers, services or products and makes no
representations or warranties regarding them.

I would never trust such an unsolicited email anyway, but just for the hell of it I Googled their address which turns out to be a real place. It actually claims to be the home of Creative Commons in LA. Nice touch.

Google also gave me links to any mentions of the address and several turn up on forums across the web. Many of them like this. Very strange email - Piriform Community Forums

Firewall Gold Message Center: You may need to update your Firewall security settings as soon as possible:

Press here to update your Firewall security settings or read below for more information:
LINK REMOVED

There is a high possibility that your PC's Firewall security settings may become exploited by malicious websites without your knowledge. This could easily lead to the following attacks on your PC's hard drive:

- Unwanted Virus Downloads
- Uncontrollable Trojan horse attacks
- The running of unwanted script programs
- The installation of malicious spyware

When you consider how often we are reminded that you can't afford to just trust the stuff you find in the media, newspapers, radio, TV or on the Internet, the number of people who still click the link and install the baddies is still staggering.

Have you had any interesting scareware lately? Details (minus links please) into the comments.

September 16, 2009   1 Comment