|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security
From: Mark Laurence (m.laurence
groveindependentschool.co.uk)
Date: Fri Jul 02 2004 - 03:49:29 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I think the most likely scenario for the windows update thing would be that
you would click on a link from a site you are surfing that advises you to
install the latest updates by visiting windowsupdate. You follow the link,
address bar looks good so you have no reason to expect a problem.
The malicious link would have inserted a frame that looks like the scan for
updates page, the user follows the scan for updates, installs what he thinks
is a legit security update, which is in fact a piece of spyware or a trojan.
User reboots and thinks nothing of it....in the meantime he has become a
host for a load of p0rn or a gateway for hackers to use for anything they
want.
IMO anyway
Mark
> -----Original Message-----
> From: full-disclosure-adminlists.netsys.com
> [mailto:full-disclosure-adminlists.netsys.com] On Behalf Of
> http-equivexcite.com
> Sent: 02 July 2004 03:52
> To: full-disclosurelists.netsys.com
> Subject: RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure]
> Microsoft and Security
>
>
>
> What an utterly pathetic scenario you present. Obviously
> you're blissfully unaware of the current security trend of
> site spoofing, 'phishing', url spoofing, DNS spoofing, zone
> spoofing and on and on and on.
>
> and of course now very the latest 'security expert spoofing' !
>
> <!--
>
> "Your subject makes it sound like this is a spoofing vulnerability"
>
> You have to look at the prerequisite attack scenario. You are
> surfing to some random site and out of nowhere it opens
> WellsFargo.com or WindowsUpdate. At this point you are
> thinking one of 2 things, either
>
> "What the.. I didn't go to WindowsUpdate/WellsFargo .. Let me
> just close that window .. Damn popups"
>
> or
>
> "Hey how nice, WindowsUpdate/WellsFargo magically appeared in
> front of me and I didn't even intend to go there .. I was
> just surfing for porn .. Let me hurridly download some stuff
> from there and give it my account details"
>
> -->
>
>
>
> --
> http://www.malware.com
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
>
>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]