lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <40643245.27501.2FC5DA1B@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: RE: [Unpatched] PivX Predictions Confirmed,
 Qwik-Fix Protected

"Alerta Redsegura" <alerta@...segura.com> wrote:

> The following is an excerpt from a PivX statement which is worth quoting:
> 
> ---
> 
> "PivX Predictions Confirmed, Qwik-Fix Protected
> Over the course of the last 2 years, PivX Solutions has warned the security
> industry and the public about the possibility of automatically executing
> email worms. This week, we have seen the launch of the first such successful
> mass-emailing worm, namely Bagle.Q and its variants.
> 
> These worms differ from ordinary email borne viruses in that they require no
> user interaction such as opening an email attachment. Instead, they
> automatically infect a user?s machine the instant the email is displayed."
> 
> ---
> 
> Bagle.Q the "first successful mass-emailing worm" able to auto-execute when
> previewed or read????
> 
> What about Nimda, Bugbear, Klez and all the saga of auto-executing email
> worms that started back in 2001?

And what about BubbleBoy and Kak from 1999?

Seems PivX has missed the best part of half a decade of "auto-executing 
from only (pre)viewing the Email message" viruses...

> I must be missing something...

Perhaps the chance for fame and glory PivX is hoping for from all the 
free publicity that will be generated from its entirely bogus claims 
being picked up and repeated more or less verbatim by a media machine 
now much more focussed on "entertaining" than on "informing" and whose 
recent history suggests the concept of "fact checking" is now such a 
dim and distant memory as to have become irrelevant to its content 
production process???  (With apologies to the four real journalists who 
will read this and still do proper fact-checking...)


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ