Web

Another zero-day exploits Adobe and runs wild masquerading as a PDF

adobe reader

If you don’t know the sender, don’t open up the attached PDF. The warning applies to Adobe PDF Reader versions 9.5.3, 10.1.5, and 11.0.1 according to security firm FireEye, which first discovered the PDF zero-day exploit running rampant.

What happens is that the exploit, according to the hacker who discovered it, “drops two DLLs.” A DLL is a type of Microsoft file format called a Dynamic-link library. If you’ve visited a malicious website and had a DLL dropped into your computer without realizing what happened, the “fake” DLL with the same name as an existing DLL file can trick Windows to run in the background and wreak havoc.

adobe pdf zero day

With this hack in particular, FireEye explains how the DLL takes advantage of you – note that the exploit affects Windows, Mac, and Linux. “The first DLL shows a fake error message and opens a decoy PDF document, which is usually common in targeted attacks. The second DLL in turn drops the callback component, which talks to a remote domain.”

The security company adds that Adobe’s security team has been notified of the exploit’s existence, which Adobe later confirmed:

“Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild. We are currently investigating this report and assessing the risk to our customers.”

Since Adobe has yet to publish an update on its PDF’s vulnerability, it looks like the exploit could very well still be active at the time of this writing.

This is Adobe’s third zero-day that comes on the heels of two Flash-based zero-day vulnerabilities, which tricked victims into opening up attachments that impersonated Microsoft Word documents when in fact these attachments opened up malicious flash content. Adobe quickly patched these two vulnerabilities on Monday.

Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Mobile

Here's how to convert a Kindle book to PDF using your desktop or the web

Amazon's Kindle is one of the best ebook readers on the market, but it doesn't make viewing proprietary files on other platforms any easier. Here's how to convert a Kindle book to PDF using either desktop or web-based applications.
Computing

Convert your PDFs into convenient Word documents with Adobe or a free option

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.
Computing

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Social Media

YouTube to crack down on dangerous stunts like the ‘Bird Box’ challenge

YouTube already bans content showing dangerous activities, but new rules published by the site go into greater detail regarding potentially harmful challenges and pranks, including certain blindfold- or laundry detergent-based stunts.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Social Media

Nearly a million Facebook users followed these fake Russian accounts

Facebook purged two separate groups behind more than 500 fake accounts with Russian ties. One group had ties to Russian news agency Sputnik, while the other had behavior similar to the Internet Research Agency's midterm actions.
Computing

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Smart Home

Amazon Prime members number more than 100 million in the U.S., survey says

Consumer Intelligence Research Partners estimated there were 101 million U.S. Amazon Prime members as of December 31, 2018. Last April, CEO Jeff Bezos wrote there were more than 100 global million Prime members.
Computing

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.
Computing

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
Computing

Always have way too many tabs open? Google Chrome might finally help

Google is one step closer to bringing tab groups to its Chrome browser. The feature is now available in Google's Chrome Canady build with an early implementation that can be enabled through its flag system.
Computing

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.