| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <EPIIGHBBNABDNEAA@mailcity.com> From: secsquirrel at lycos.com (security squirrel) Subject: Xmas virus on the cards ? Hi all - I noticed this article at http://www.vnunet.com/News/1151553 and it looks alarming - however did not find any more details. If I understand well an HTML file is renamed to JPG and attached to an email. However I did not manage to reproduce this. This is my summary of the article: 1. xmas card emails to LEAD to innocent images which are not images but have viruses 2. Mail Filtering systems should handle images just like HTML files + educate 3. ISS reports that this was on a hacker mailing list 4. techniques to bypass firewalls by MISLABELLING html files as JPGs 5. Steven Darrall is a senior consultant at ISS X-Force Security Assessment Services 6. The problem is caused by Microsoft's Internet Explorer (IE) web browser automatically opening files labelled with .jpg or .gif extensions. 7. Hackers have posted a proof-of-concept file in which the content was a script that caused the browser to download and install a virus according to Darrall 8. The site serving the virus has since been shut down Is the image an attachment or is it simply a link to a .jpg file on an HTTP server? Did anyone manage to reproduce this or can point to the original post on the "hacker mailing list" which describes this? - Sec-Squirrel :) ____________________________________________________________ Free Poetry Contest. Win $10,000. Submit your poem @ Poetry.com! http://ad.doubleclick.net/clk;6750922;3807821;l?http://www.poetry.com/contest/contest.asp?Suite=A59101
Powered by blists - more mailing lists