lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: mlande at bellsouth.net (Mary Landesman)
Subject: FW: Last Microsoft Patch

> Thanks for the reminder on that.

So much of the focus is on the appearance of the email itself, sometimes
these smaller details are easy to forget, i.e. the fact that it can also
send itself as a bounce message or that it spoofs a variety of from
addresses. I wonder sometimes if the focus on the patch masquerade has
actually helped Swen's efforts to spread, since all the cautions are about
one specific facet of it. Hence, those users who aren't expecting it to be
in a bounce message might believe the bounce message to be legitimate and be
more inclined to open the attachment, not having "heard" about this as being
a threat.

> organic memory parity error

My new favorite phrase! Now if I can only remember it...

-- Mary

----- Original Message ----- 
From: "Chris DeVoney" <cdevoney@...ashington.edu>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, October 16, 2003 2:54 PM
Subject: RE: [Full-Disclosure] FW: Last Microsoft Patch


On Wednesday, October 15, 2003 4:41 PM, Mary Landesman wrote:

> Swen also uses microsoft.com; the samples I have received do
> so more often than not.
>
> For a full list, see: http://www.f-secure.com/v-descs/swen.shtml

Thanks for the reminder on that. The first couple of these I received had
MSN.COM and MSNBC.COM and some pseudo security mail box from Microsoft.com.
The first two immediately made me darn suspicious even before the synapses
clicked on MS never e-mailing these things.

As my using outdates vs. updates (which, mercifully no one has pointed out
my obvious error), maybe there is a new outward patch delivery mechanism ...
or an organic memory parity error occurred.

cdv

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ