Get a Pentest and security assessment of your IT network.

News

Adobe Exploit Bypasses ASLR and DEP, Drops Signed Malicious File

Attackers are using a previously unknown exploitation technique that bypasses both ASLR and DEP to exploit the unpatched Adobe Reader bug. The exploit works on machines running either Windows Vista or Windows 7 and is also dropping a file on compromised machines that is signed using a stolen, valid digital certificate. Kaspersky Lab: The malicious file installed on machines compromised via the new Reader exploit is digitally signed by a valid certificate belonging to a credit union in Missouri. The company is planning to add a sandbox to upcoming versions of Reader to help prevent attacks against the application.

Source: https://threatpost.com/adobe-exploit-bypasses-aslr-and-dep-drops-signed-malicious-file-090910/74445/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Vulnerabilities In Alibaba threatens security of million users

News

Russian cybercriminal Roman Seleznev gets another prison sentence