This week, it's -you- specifically being targeted with a phishing attack. The bad guys know very well that the most powerful weapons are administrator's credentials, as those really are the keys to the kingdom. So, what they are using is the instantly famous report that Mandiant wrote about the Chinese military hacking into 141 mostly U.S. businesses. An infected PDF version of the original report, titled "APT1: Exposing One of China's Cyber Espionage Units, is now being used as spear phishing bait to get IT people to open it up using two fake names: Mandiant.pdf and Mandiant_APT2_Report.pdf. The infected document leverages a just-patched hole in Adobe Reader (CVE-2013-0641) and was first spotted in Asia. Keep your eyes peeled for it hitting your own inbox. In the mean time, the actual report is fascinating reading, and you can find it here at the Mandiant website
Cancel
