PDF

(get it in RSS or Atom)

Festive season security myth: "If there are no links in an email, it can't be a phish."

topiary-chain-250

The festive season is a good time to make sure your friends and family haven't fallen in with falsehoods when it comes to computer security.

Paul Ducklin examines an email with no clickable links that was nevertheless a classic phish...

Monday review - the hot 21 stories of the week

Monday review - the hot 24 stories of the week

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Adobe investigates PDF Reader zero-day vulnerability reports

Adobe investigates PDF Reader zero-day vulnerability reports

Adobe's security team has said that it is investigating reports of a brand new zero-day vulnerability affecting its Adobe Reader and Acrobat XI (11.0.1) products.

Always be wary of opening unsolicited PDF files!

Monday review - the hot 24 stories of the week

dow-250

It's weekly roundup time.

Here's everything we've written in the past seven days.

It's really important you update your Foxit PDF Reader, but unfortunately their website is down

It's really important you update your Foxit PDF Reader, but unfortunately their website is down

There's something to be said for not going with the crowd, when it comes to securing your computer.

But you best have your fingers crossed that your alternative providers' websites don't fall over when you need a security update.

Vulnerability reported in Foxit PDF plugin for Firefox - how to mitigate it

Italian security researcher Andrea Micalizzi has recently reported a vulnerability in the latest Foxit PDF plugin for Firefox.

Paul Ducklin examines the situation and gives a simple workaround.

Fake Apple invoices lead to Blackhole exploit kit that drains your bank account

Fake Apple invoices lead to Black Hole that drains your bank account

A new round of spams proclaims you have been charged for a large purchase from Apple.

All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.

MediaFire restores virus researcher’s account, questions copyright troll and DMCA claim

megaphone_250: MediaFire Restores Virus Researcher’s Account, Questions Copyright Troll and DMCA Claim

Cloud-based storage firm MediaFire restored account access to a virus researcher who was suspended after a mysterious firm claimed virus samples she posted on the service violated copyright protections.

Cloud storage firm flags malware as "Copyrighted Material," boots security researcher

Cloud storage firm flags malware as "Copyrighted Material," boots security researcher

A malware researcher finds herself in company with First Lady Michelle Obama and science fiction author Neil Gaiman: booted from the web by hard-headed copyright protection algorithms.

How PDFs can infect your computer via Adobe Reader vulnerabilities [VIDEO]

Adobe Reader vulnerability. How PDFs can infect your computer [VIDEO]

Adobe PDF vulnerability exploitation caught on camera.

Sophos security expert Chet WIsniewski demonstrates how malicious PDFs can infect your computer.

Encoding malicious PDFs as XDP files to bypass anti-virus? No need to panic

Encoding malicious PDFs as XDP files to bypass anti-virus? No need to panic

GovCertUK, the UK Government's Computer Emergency Response Team, had issued an alert warning that attackers could bypass gateway anti-virus software to infect organisations, by encoding malicious PDF files into the XDP format.

PDF malware adopts another obfuscation trick in attempt to avoid detection

PDF malware adopts another obfuscation trick in attempt to avoid detection

SophosLabs researcher Paul Baccas takes a close look at a way in which malware authors attempt to disguise their attacks inside boobytrapped PDF files.

Why is a 14-month-old patched Microsoft vulnerability still being exploited?

no-brainer

While the media just looove zero-day exploits, the security industry sees a lot more exploits designed to take advantage of patched vulnerabilities. Question is why don't many of us get around to installing the patches?

How NOT to redact a PDF - Military radar secrets spilled

How NOT to redact a PDF - Air defence radar secrets spilled

The UK Ministry of Defence has been caught out again by a schoolboy error - not knowing how to properly redact a PDF.

As we've explained before, if you're an organisation that is making public an internal document, you best make sure that you have deleted or blacked out any personal, confidential or actionable information.

Mac OS X Trojan hides behind malicious PDF disguise

Mac OS X Trojan hides behind malicious PDF disguise

A fascinating new example of Mac malware has been discovered, that appears to be adopting an old Windows-style disguise to fool users into running it.

It's disguise? A controversial political dispute between China and Japan.

TWiT.tv - malware infects Leo Laporte's website

twit-thumb

The website run by internet celebrity Leo Laporte, TWiT.tv, has been hit by a malware infection intended to infect visiting computers.

Internet Explorer users have low IQ? Media hoaxed by bogus research

Internet Explorer users have low IQ? Media hoaxed by bogus research

Media organisations are duped by false research claiming that Internet Explorer users are dumb.

How NOT to redact a PDF - Nuclear submarine secrets spilled

How NOT to redact a PDF - Nuclear submarine secrets spilled

A silly error leaves egg on the face of the British military - but have you learnt the lessons of how to properly redact a PDF?

Who ordered spam? New trick in PDF malware uncovered

Who ordered spam? New trick in PDF malware uncovered

SophosLabs researcher Paul Baccas takes a close look at a PDF malware campaign.

Malicious PDF attack spammed out from compromised VioVet email system

Malicious PDF spammed out from compromised VioVet email system

If you're a customer of VioVet, the UK pet supplies and medications website, then be very careful opening your email this morning.

Customers have received an email purporting to contain a £50 gift certificate from the firm - but they're really being pointed to malware.