Researchers at anti-spam firm Red Condor are warning users of malicious emails crafted to look like a legitimate thread of forwarded messages discussing Adobe software vulnerabilities. The thread begins with an email supposedly coming from an employee in Adobe's Risk Management department that warns recipients of a denial-of service-vulnerability and urges them to apply a patch. Adding legitimacy to the campaign, the emails appear to have been forwarded by people of higher positions in the recipient's organization. The messages contain a link to an executable, which has been identified as a trojan. Adobe, in a Wednesday blog post, advised people to ignore the email. — AM
One campaign posed as an HR department mandating vaccine information, another leveraged an XSS flaw to disguise a malicious download, and a third leveraged Verizon's Vzwpix service to mass-distribute emails.