If you haven’t noticed, there have been a lot of attacks against major government contractors lately. As you can imagine this affects many of the infosec pros around DC looking to make a name for themselves. Lockheed, Northrop, Booz, … I’m sure many of us have been affected in one way or another. The most recent story to hit the wire is of a CFP, shown at right, disguised in a spiked PDF document. Open it and you get a real-looking CFP form. Unfortunately, you are also being p0wned. Specifically, your machine connects back to the attacker so he can do his tidings. Be careful out there…
The last few months have seen a lot of cyber attacks aimed at U.S. military contractors and they are still ongoing.
F-Secure researchers have recently spotted an email obviously directed at military contractors’ employees, which contains a malicious .pdf attachment.