I published the following diary on isc.sans.edu: “Simple PDF Linking to Malicious Content“:
Last week, I found an interesting piece of phishing based on a PDF file. Today, most of the PDF files that are delivered to end-user are not malicious, I mean that they don’t contain an exploit to trigger a vulnerability and infect the victim’s computer. They are just used as a transport mechanism to deliver more malicious content. Yesterday, Didier analyzed the same kind of Word document. They are more and more common because they are (usually) not blocked by common filters at the perimeter… [Read more]