SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, January 12, 2010

Why Would APT Exploit Adobe?

Posted on 7:29 PM by Unknown
After reading this statement from Adobe, they seem to be using the same language that described the Google v China incident:

Adobe became aware on January 2, 2010 of a computer security incident involving a sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies. We are currently in contact with other companies and are investigating the incident.

Let's assume, due to language and news timing, that it's also APT. Would would APT exploit Adobe? Am I giving Adobe too much credit if I hypothesize that APT wanted to know more about Adobe's product security plans, in order to continue exploiting Adobe's products?

If that is the case, who else might APT infiltrate? Should we start looking for similar announcements from other software vendors?
Email ThisBlogThis!Share to XShare to Facebook
Posted in apt, china, threats | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Review of Intelligence, 4th Ed Posted
    Amazon.com just posted my five star review of Intelligence: From Secrets to Policy, 4th Ed by Mark Lowenthall . From the review : I was a...
  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • SQL Injection Challenge and Time-Based Security
    Thanks to this Tweet by @ryancbarnett, I learned of the lessons learned of the Level II component of the ModSecurity SQL Injection Challen...
  • Review of Robust Control System Networks Posted
    Amazon.com just posted my five star review of Robust Control System Networks by Ralph Langner . From the review : I am not an industrial ...
  • Bejtlich's Thoughts on "Why Our Best Officers Are Leaving"
    Twenty-two years ago today I flew to Colorado Springs, CO and reported for Basic Cadet Training with the class of 1994 at the United States ...
  • Bejtlich Teaching at Black Hat West Coast Trainings
    I'm pleased to announce that I will be teaching at  Black Hat West Coast Trainings  9-10 December 2013 in Seattle, Washington. This is a...
  • Risk Modeling, not "Threat Modeling"
    Thanks to the great new book Metasploit (review pending), I learned of the Penetration Testing Execution Standard . According to the site,...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Tort Law on Negligence
    If any lawyers want to contribute to this, please do. In my post Shodan: Another Step Towards Intrusion as a Service , some comments claim ...
  • Bejtlich Teaching at Black Hat DC 2011
    Over the holiday break I've been putting the finishing touches on TCP/IP Weapons School 3.0 , to be presented first at Black Hat DC 2011...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ▼  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ▼  January (25)
      • Two Dimensional Thinking and APT
      • Example of Threat-Centric Security
      • Mandiant M-Trends on APT
      • Review of Professional Penetration Testing Posted
      • Energy Sector v China
      • Look Beyond the Exploit
      • Review of Network Maintenance and Troubleshooting ...
      • Submit Questions for OWASP Podcast
      • Sguil 0.7.0 on Ubuntu 9.10
      • Attribution Using 20 Characteristics
      • Help Bro Project with Short Survey
      • Attribution Is Not Just Malware Analysis
      • Is APT After You?
      • Review of Inside Cyber Warfare Posted
      • Bejtlich Teaching at Black Hat EU 2010
      • What Is APT and What Does It Want?
      • Why Google v China is Different
      • Security Team Permissions
      • Friday is Last Day to Register for Black Hat DC at...
      • Why Would APT Exploit Adobe?
      • Has China Crossed a Line?
      • Mechagodzilla v Godzilla
      • Google v China
      • Happy 7th Birthday TaoSecurity Blog
      • Excerpts from Randy George's "Dark Side of DLP"
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile