Two security companies today released a joint report describing an ongoing series of attacks against government contractors that have been occurring since at least early 2009. According to the vendors Seculert and Zscaler, attackers are sending firms phishing e-mails with fake invitations to conferences, often in the form of PDF files that exploit flaws in Adobe Reader. The file installs what the vendors call an "MSUpdater" Trojan that poses as a legitimate Windows Update process. In reality, the Trojan is a remote access tool that can steal information from a company's network for as long as the breach remains undiscovered.

What are your thoughts? Click here to view the original post.