GLOBAL SECURITY ADVISOR RESEARCH BLOG

Often the disclosure of a password is no fault of our own but rather the result of a website or application compromise. Use these tips to develop a password management strategy that will dramatically decrease your overall risk if any one of your passwords is compromised. Hopefully the next time you have to create a strong password it won't take nearly as long to think up something secure.

Today, Total Defense Research Team was informed of new ransomware circulating among Italian users pretending to be an official statement by the Italian Police. This malware is spread by drive-by-download through websites compromised with malicious JavaScript code.

Earlier yesterday, a few SMS Trojans were found in Android Market and subsequently removed from the market place. In this blog post, we will be demonstrating some of the interesting behaviours uncovered through dynamic analysis.

This blog is written to emphasize the importance of physical security in this current day and age. I myself am a victim to a recent physical security breach that happened with Lucky Superstores in the United States, which has resulted in the theft of debit card details of many of its customers. It has been confirmed that more than 20 stores are affected through the 500 or more self-checkout stations which were compromised to aid in this physical security based attack.

Recently, Adobe has released a new security advisory, APSA11-04, alerting users about a critical vulnerability in Adobe Reader and Acrobat.

The U3D memory corruption vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system. This means that the malicious files could be downloaded or dropped on the affected system.

Adobe is in the process of finalizing a fix for the issue and expects to make available an update for Adobe Reader 9.x and Acrobat 9.x for Windows no later than the week of December 12, 2011. Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, Adobe is currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for January 10, 2012. Adobe is planning to address this issue in Adobe Reader and Acrobat X and earlier versions for Macintosh as part of the next quarterly update scheduled for January 10, 2012. An update to address this issue in Adobe Reader 9.x for UNIX is planned for January 10, 2012.