• About admin

    PDF Beacons with JavaScript openDoc API

    by  • May 2, 2013 • Uncategorized

    I saw earlier in the week that McAfee had disclosed a information leak through one of the PDF JavaScript APIs. While it wasn’t exactly spelled out, I recognized the bug description as one I had reversed back in May of 2012. Why didn’t it hit the public then? Well, it wasn’t that interesting and...

    Read more →

    Same CVE-2012-0158, Different Builder

    by  • March 11, 2013 • Uncategorized

    Over the past few weeks, I have been fortunate to watch the birth of a new CVE-2012-0158 builder that demonstrates original technique with excellent results (not for long). What is a builder you ask? Well, some attackers/researchers/whatever like ...

    Read more →

    Mandiant APT2 Report Lure

    by  • February 21, 2013 • Uncategorized

    This morning I identified a PDF with the name "Mandiant_APT2_Report.pdf" uploaded from India and was using a lure different than what Symantec just reported on. The file is password protected following the theme Xecure and myself had seen last yea...

    Read more →

    Existing Vulnerabilities > 0days

    by  • February 16, 2013 • Uncategorized

    Earlier today I accidently opened up Twitter and saw this tweet: Some may disagree with the statement, but looking at targeted files on a daily basis, I would say it's pretty accurate. Truth be told, it only takes one person to open up the infecte...

    Read more →