Adobe: Nation-State Attackers Are Adobe's Biggest Worry

Discussion in 'other security issues & news' started by MrBrian, Sep 20, 2011.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From http://threatpost.com/en_us/blogs/nation-state-attackers-are-adobes-biggest-worry-092011:
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Following links in the blog reveals one of the recent attacks:

    RSA SecurID attack details unveiled – lessons learned
    http://blogs.gartner.com/avivah-lit...tails-unveiled-they-should-have-known-better/
    From the Adobe Advisory:

    Back to the Gartner blog:

    Aha! The payload. An unauthorized executable file.

    As a System Administrator said to me many years ago, the fact that a trojan executable can install in such attacks means that there is no policy in place dictating that employees can not install something on their own, without Administration/Support approval.

    I'll refer to my trusty example from the Los Angeles Police Department:

    Naturally, such a restriction may not make for happy employees, but nonetheless, that policy does work to prevent this type of remote code execution attack.

    And so, it would not matter whether the attacker is a misguided teenager, or a nation state.

    regards,

    -rich
     
Loading...
Thread Status:
Not open for further replies.