lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 May 2016 16:28:27 +0200 From: Danny Kopping <dannykopping@...il.com> To: sebb@...b767.de Cc: Fulldisclosure <fulldisclosure@...lists.org> Subject: Re: [FD] Skype Phishing Attack I have found an identical vulnerability in Twitter and they gave me a similar dismissive response. Should I submit another message with my method? On 17 May 2016 4:01 PM, "Sebastian" <sebb@...b767.de> wrote: > Hey all, > > I don't think "pop up a full featured window on the client" is your > everyday phishing attack. This is easily exploited even for experienced > users, since this is definitely not what you'd expect to originate from > Skype (and for example Steam tends to annoy you with login popups > sometimes, i.e. when changing your IP). > > So yes, we don't need your average phishing attack, but this is surely a > vulnerability and the publication hopefully forces M$ to do something about > it. > > Am 2016-05-13 03:51, schrieb Reindl Harald: > >> oh no - please don't post each and every phishing attack on FD becasue >> then we would see nothing else when mailadmins start to do the same >> >> Am 11.05.2016 um 22:57 schrieb Danny Kopping: >> >>> [...] >>> >> >> >> >> _______________________________________________ >> Sent through the Full Disclosure mailing list >> https://nmap.org/mailman/listinfo/fulldisclosure >> Web Archives & RSS: http://seclists.org/fulldisclosure/ >> > > Greetings, > Sebastian Kaim > > -- > > A great many of today's security technologies are "secure" only because > no-one has ever bothered attacking them. > -- Peter Gutmann > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists