lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 09 Apr 2007 23:34:26 -0600
From: "n3td3v" <n3td3v@...h.com>
To: <full-disclosure@...ts.grok.org.uk>
Cc: 
Subject: Re: Fwd: threat to corporate security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

n3td3v apppologizes to the community for wasintg everyones time
with
old news.

> the conspiracy is a lot of spam actually belongs to hackers.
hackers
> are increasingly using fake penis enlargement e-mail to probe the
out
> of office auto responders of large corporations. its amazing how
much
> information is left on auto responders, espeically at popular
vaction
> times like easter and xmas.

n3td3v realizes that this warning was first reported by n3td3v's
favorite news provider, abc news back in 2002
http://archives.neohapsis.com/archives/isn/2002-q4/0361.html

and again in 2004
http://seclists.org/pen-test/2004/Aug/0210.html

and even in 2007
http://www.pcmag.com/article2/0,1759,2088710,00.asp

n3td3v also appoologizes for insulting people in th esecurity
community that are undeserving of this kind of behavior. n3td3v
sincerely aprologizes to gadi evron and dave aitel. but not rob
lemos. n3td3v will forgiv rob next week.


On Mon, 09 Apr 2007 10:18:33 -0600 n3td3v <n3td3v@...il.com> wrote:
>---------- Forwarded message ----------
>From: n3td3v <n3td3v@...il.com>
>Date: Apr 9, 2007 4:44 AM
>Subject: threat to corporate security
>To: Yahoo Security Contact <security@...oo-inc.com>,
>paranoids@...oo-inc.com
>
>
>the conspiracy is a lot of spam actually belongs to hackers.
>hackers
>are increasingly using fake penis enlargement e-mail to probe the
>out
>of office auto responders of large corporations. its amazing how
>much
>information is left on auto responders, espeically at popular
>vaction
>times like easter and xmas. individual employees un firmilar with
>security issues are increasingly throwing inetrnal operational
>information for co-workers to pick up, n3td3v said. the problem is
>its
>more than co-workers who are picking up this information and using
>it
>for hacking large corporations like yahoo. you can't rely on your
>employees anymore, corporations have got to start probing inboxes,
>because the bad guys are, n3td3v said. corporations have got to
>get
>tough on thsi n3td3v said. you got to harden your defenses on this
>front and strenghen your security policya t the same time to
>reassure
>security teams that employees are still aware of the threat of
>internet facing corporate mail boxes spewing out all kinds of
>information which is ultimately damaging for the company and its
>long
>term ecnomic interests. large corporations don't want to get
>hacked by
>simple yet effective attack vectors like this, n3td3v said,
>corporate
>security teams have really got to take this seriously and do
>something
>about it. just when you thought all that spam thats being sent
>aroudn
>the internet clogging up mail servers only have a commercial
>purpose,
>no, hackers are starting to to hitch a free ride on spam trends
>and
>are increasingly dressing up mail box probes as popular spam to
>effectively ping the inboxes of large multinationals to harvest
>out of
>office responder data, n3td3v finished saying in a statement sent
>early monday.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkYbIX8ACgkQ+Rh5rcRCO0ZF6AP9GYNt4tYYr48LV/PKnh70P3ZGaqhX
4w3T1z+HdE936pqCqWAFGUp9kuSBmBEwoPPRttcw1KMFNPMATXwYZyWe/+Tu/pQR55r7
lkVEyo0nyBSYZtRjDVAfmVtWzbVXArvNATcLOkCov0FSoMs7NZkR8AGFKovLbpEc000A
Nze2TRk=
=154h
-----END PGP SIGNATURE-----

--
Click for free info on online doctorate degrees and make $250k/ year
http://tagline.hushmail.com/fc/CAaCXv1ZYZ8in7lBQU5qaJCU6hBebYne/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ