Fake CNN emails claim US have started bombing Syria
We’re currently seeing a spam run which involves a (fake) report from CNN saying that the US have started bombing Syria.
Clicking the shortened link will lead to an exploit kit which targets older, vulnerable versions of Adobe Reader and Java. The attackers favor using the Java exploit over the Reader exploit, as Java exploits are generally more reliable.
The exploit will download a Trojan-Downloader onto the system, which will subsequently download various other malware.