Although we spend a lot of time managing emails, our attention spans have gotten shorter. The average adult’s attention span is now just 8 seconds, reportedly less than that of a goldfish.

Hackers are counting on this lack of attention to detail to succeed in creating havoc. In a recent posting on the Public Intelligence open-source website, DHS’ National Cybersecurity and Communications Integration Center (NCCIC) released a Traffic Light Protocol (TLP) Green Notice dated October 17th. The notice warns of a recent phishing scam aimed at government personnel. Highlights of the document are as follows:

Delivered as an email with the subject line “UNPAID INVOIC,” this exploit instructs the recipient to open a PDF attachment believed to contain malicious content. If the PDF is opened, JavaScript embedded within the document directs the recipient to an external, malicious website where malware can be installed on the recipient’s machine.

Although initial analysis of the exploit found the filename of the PDF attachment to be “invoice621785.pdf” and its file size to be “476741,” several security vendors report a number of variations in the file name. In some instances the numbers following “invoice” differ, and the word “invoice” is sometimes spelled correctly and sometimes not.
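The indicators described above (subject line, varying attachment name, JavaScript embedded in the PDF) can be checked on inbound mail before anyone opens the attachment. The following is an added example, not code from the notice or from this site. The regular expressions, function names, addresses and the inert stub PDF are assumptions constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed patterns built from the notice: subject "UNPAID INVOIC", attachment
# named "invoice" (sometimes misspelled) plus digits, e.g. invoice621785.pdf.
SUBJECT_RE = re.compile(r"unpaid\s+invoi", re.IGNORECASE)
NAME_RE = re.compile(r"^inv[a-z]{2,6}\d+\.pdf$", re.IGNORECASE)
# PDF name tokens for embedded script and auto-run actions.
SCRIPT_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA")

def pdf_script_markers(data: bytes) -> list:
    """Find script/action names in raw PDF bytes (compressed objects are not seen)."""
    # PDF allows #xx hex escapes inside names, so /J#53 is the same name as /JS.
    decoded = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)
    # The lookahead stops /JS from matching a longer name such as /JSFoo.
    return [n.decode() for n in SCRIPT_NAMES
            if re.search(re.escape(n) + rb"(?![A-Za-z0-9])", decoded)]

def triage(raw: bytes) -> dict:
    """Score one RFC 5322 message against the indicators above."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {"subject_hit": bool(SUBJECT_RE.search(msg["Subject"] or "")),
              "attachments": []}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        body = part.get_payload(decode=True) or b""
        if body.startswith(b"%PDF") or name.lower().endswith(".pdf"):
            report["attachments"].append({
                "name": name, "size": len(body),
                "name_hit": bool(NAME_RE.match(name)),
                "markers": pdf_script_markers(body)})
    return report

def build_sample() -> bytes:
    """Constructed test message; the PDF is an inert stub, not a real sample."""
    pdf = (b"%PDF-1.4\n1 0 obj<</Type/Catalog"
           b"/OpenAction<</S/J#61vaScript/JS(0)>>>>endobj\n%%EOF")
    msg = EmailMessage()
    msg["Subject"] = "UNPAID INVOIC"
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.gov"
    msg.set_content("Please see attached.")
    msg.add_attachment(pdf, maintype="application", subtype="pdf",
                       filename="invoic621785.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

A subject or filename hit alone is weak evidence; a PDF that also carries `/OpenAction` with `/JS` is the combination worth quarantining for analysis.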

Analysis of the MD5 hash in Virus Tool revealed that only 29 out of 54 security vendors are able to detect this exploit at the present time. In addition, machines may become compromised with Dyre/Dyreza, the same malware that affects banking institutions.

To reduce the chance of compromise, security experts are advised to use “best practices” by applying patches and security updates for Adobe Acrobat and Reader in a timely manner. Adobe has issued patches and software updates to address this particular exploit.

For more information regarding this exploit, see the full TLP Green Notice on the Public Intelligence website.





TLP Green Notice Reveals Exploit Aimed at Government Personnel
