Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - Best Practice to Prevent PDF Attacks InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Best Practice to Prevent PDF Attacks

Published: 2010-06-09
Last Updated: 2010-06-09 19:51:40 UTC
by Deborah Hale (Version: 1)
4 comment(s)

I subscribe to Search Security at Tech Target and receive newsletters from them on a regular basis.  It just so happens the one that I received
today had an article about how Enterprise can prevent an attack due to PDF hacks. I just read through the article and found it a very good refresher
on best practices for protecting against any malware spread by using any number of compromised attachments.  

It is human nature I guess,  that we open attachments from folks we know and unfortunately even some we don't know.  Often times these attachments
contain more than we bargained for.  Because Adobe is on every computer in the world (ok - maybe an exaggeration) it is a really big target.  And
because it is a really big target there are a number of vulnerabilities associated with one component or another.  The article from Tech Target states:

"According to McAfee Inc. Avert Labs, as of Q1 2010, malicious malformed
PDF files are now involved with 28% of all malware directly connected to exploits."

Considering the number of different possible attack vectors this 28% is huge.  The article goes through some very common sense tips for protecting
your organization.  This article though focusing on misused PDF's can be used to protect against other potential attack vectors.  

Some may say this is old news and common sense and I won't disagree.  But sometimes the old makes things new again.

http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1513908,00.html?track=NL-422&ad=769731&asrc=EM_NLT_11739094&uid=6115703

 

Deb Hale Long Lines, LLC

4 comment(s)
Diary Archives