Get a Pentest and security assessment of your IT network.

News

Adobe Exploit Bypasses ASLR and DEP, Drops Signed Malicious File

Attackers are using a previously unknown exploitation technique that bypasses both ASLR and DEP to exploit the unpatched Adobe Reader bug. The exploit works on machines running either Windows Vista or Windows 7 and is also dropping a file on compromised machines that is signed using a stolen, valid digital certificate. Kaspersky Lab: The malicious file installed on machines compromised via the new Reader exploit is digitally signed by a valid certificate belonging to a credit union in Missouri. The company is planning to add a sandbox to upcoming versions of Reader to help prevent attacks against the application.

Source: https://threatpost.com/adobe-exploit-bypasses-aslr-and-dep-drops-signed-malicious-file-090910/74445/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Reflection of cyber-attack to Wells Fargo in world media

News

CVE-2016-6563 RCE flaw affects D-Link Routers, disable remote admin