Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe Patches

Published: 2012-11-08
Last Updated: 2012-11-08 22:13:31 UTC
by Daniel Wesemann (Version: 1)
0 comment(s)

Rumor has it that there is an Adobe Reader (PDF) zero-day. Google "Group IB zero day", and you'll find all the news outlets quoting each other. We don't have a sample PDF yet. If you have one, please share.  Needless to say that a PDF exploit is serious, and if indeed embedded in the Blacole exploit kit, is even more serious.  Not that the bad guys need PDF though .. it looks to me like 70% of the Internet is anyway still vulnerable to CVE2012-4681 (Java JRE), which has been in Blacole since late August.

Not a rumor: Flash Player has a couple of serious vulnerabilities, and Adobe has the patches: https://www.adobe.com/support/security/bulletins/apsb12-24.html   Not that this is news, really. Adobe browser plugin products NOT having serious vulnerabilities for a change .. now THAT would be news.
 

 

0 comment(s)
ISC StormCast for Thursday, November 8th 2012 http://isc.sans.edu/podcastdetail.html?id=2926

Get a 40% discount on your hotel room!

Published: 2012-11-08
Last Updated: 2012-11-08 00:31:45 UTC
by Daniel Wesemann (Version: 1)
1 comment(s)

Here's a novel (to me) phishing approach. Cal, one of our readers, was staying at a hotel in Arizona on business, and he got a call to his room from the - alleged - front desk. They were saying that their computer had gone down, and that they needed to re-verify his billing information.

Cute, isn't it.

Being a security geek, Cal didn't fall for it, said that he was currently talking on his mobile phone with his wife, and whether he could call back. Not surprisingly, the "front desk" seemed a tad reluctant to provide a number. Stalemate. That's when the phish caller came up with a very customer service oriented approach: "We really regret this trouble, and we will gladly offer you 40% off your room rate for the inconvenience"

But no dice: Not even the prospect of a "rebate" was sufficient to convince Cal to hand out his personal data and credit card information to an unknown caller. He hung up, walked down to the front desk, and upon asking, the lady at the front desk put her head down and said "You too? They've been calling 201, 203, 204, 210, and now you?"

Given the right circumstances and timing, I'd say quite a few hotel guests would fall for this. Make sure you are not one of them!
 

1 comment(s)
Diary Archives