We've been tracking this Adobe 0-day in Acrobat Reader. Still no patch from Adobe (and no word on affected versions). Per the discoverer, this attack has been ongoing for months.

https://discourse.ifin.network/t/adobe-0-day-seen-in-the-wild/250

#Adobe #0day #ThreatIntel #IFIN

Adobe 0-day seen in the wild

This is an interesting find. PDF exploits are rare and this one looks to be very targeted. Also "yummy_adobe_exploit_uwu.pdf" is a malware naming convention that reminds me why I love this community. I’m struggling to come up with some good detections for this one though. I was hoping for the process tree behavior but this seems very common with acrobat.exe:

```
Acrobat.exe (PID:6416) “manual.pdf”
├── AdobeCollabSync.exe -c (PID:3520)
├── AdobeCollabSync.exe -c (PID:5424) [stealth_timeo...
```
