lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: api at epost.de (Axel Pettinger)
Subject: Beware of 'IBM laptop order' email

Skip Duckwall wrote:
> 
> Since it's a phishing email, I'm sure the exploit they're referring to 
> is the one that exploits the compiled help files (.chm files), even 
> though it's not exactly new... Although the way the hostile chm files 
> are executed without user intervention has been patched (the MS-ITS
> vulnerability in MS04-013 I believe...)
> 
> This type of phishing scam isn't really all that new and you can find 
> all sorts of writeups using google.
<snip>
> 
> just my guess....

Good guess ...
http://groups.google.com/groups?threadm=1085148506.86377.0%40despina.uk.clara.net

Regards,
Axel Pettinger

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ