Latest News

ACMA secures pledges from major online retailers to block "dodgy" mobile sales

Vic energy department seeks CIO

Defence gives $84m IT support contract to Unisys

NBN Co puts a longer predictive lens on its digital twin ambitions

Cochlear pilots voice-to-text Salesforce integration for lead management

Syria bombing phishing emails serve exploits

By Danielle Walker

Sep 10 2013 10:00AM

Reader and Java targeted.

Malicious emails disguised as breaking news of a US bombing of Syria are making the rounds online.

Syria bombing phishing emails serve exploits

Kaspersky senior anti-virus researcher Roel Schouwenberg said the phishing campaign contained shortened links leading to an exploit kit that targeted vulnerable Adobe Reader and Java software.

More often, however, phishers prefer to use the “more reliable” Java exploits, he wrote.

Once users click malicious links in the fake CNN emails, they're led to the exploit kit, which downloads a trojan capable of distributing other malware on compromised machines.

“If the US do[es] decide in favor of military action against Syria, we can expect a lot more Syria-themed malicious emails,” Schouwenberg warned.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, US edition

Tags:

adobe exploits java phishing reader security syria

Partner Content

Cyber Engineering launches at ctrl:cyber with former Shelde founders

Partner Content Cyber Engineering launches at ctrl:cyber with former Shelde founders

Suntory Oceania’s $30 million IT transformation powers carbon-neutral multi beverage facility

Partner Content Suntory Oceania’s $30 million IT transformation powers carbon-neutral multi beverage facility

Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Partner Content Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Machine identity a key priority for organisations’ security strategies: CyberArk

Partner Content Machine identity a key priority for organisations’ security strategies: CyberArk

Sponsored Whitepapers

The cloud tipping point

The cloud tipping point

How AI will deliver real business value

How AI will deliver real business value

The multicloud imperative

The multicloud imperative

Your multicloud advantage

Your multicloud advantage

The business value of Oracle Autonomous Database

The business value of Oracle Autonomous Database

Events

iTnews Executive Retreat - Security Leaders Edition

Most Read Articles

WA man jailed for at least five years for evil twin attack

WA man jailed for at least five years for evil twin attack

Services Australia may get powers to rein in data breach exposure

Services Australia may get powers to rein in data breach exposure

ASX outage caused by security software upgrade

ASX outage caused by security software upgrade

Apple, Google send new round of cyber threat notifications to users

Apple, Google send new round of cyber threat notifications to users

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories