lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200407020949750.SM01788@3gp4server>
From: m.laurence at groveindependentschool.co.uk (Mark Laurence)
Subject: SUPER SPOOF  DELUXE Re: Microsoft and Security

I think the most likely scenario for the windows update thing would be that
you would click on a link from a site you are surfing that advises you to
install the latest updates by visiting windowsupdate. You follow the link,
address bar looks good so you have no reason to expect a problem. 
The malicious link would have inserted a frame that looks like the scan for
updates page, the user follows the scan for updates, installs what he thinks
is a legit security update, which is in fact a piece of spyware or a trojan.
User reboots and thinks nothing of it....in the meantime he has become a
host for a load of p0rn or a gateway for hackers to use for anything they
want.
IMO anyway
Mark

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> http-equiv@...ite.com
> Sent: 02 July 2004 03:52
> To: full-disclosure@...ts.netsys.com
> Subject: RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] 
> Microsoft and Security
> 
> 
> 
> What an utterly pathetic scenario you present. Obviously 
> you're blissfully unaware of the current security trend of 
> site spoofing, 'phishing', url spoofing, DNS spoofing, zone 
> spoofing and on and on and on.
> 
> and of course now very the latest 'security expert spoofing' !
> 
>  <!-- 
> 
> "Your subject makes it sound like this is a spoofing vulnerability"
> 
> You have to look at the prerequisite attack scenario. You are 
> surfing to some random site and out of nowhere it opens 
> WellsFargo.com or WindowsUpdate. At this point you are 
> thinking one of 2 things, either 
> 
> "What the.. I didn't go to WindowsUpdate/WellsFargo .. Let me 
> just close that window .. Damn popups" 
> 
> or 
> 
> "Hey how nice, WindowsUpdate/WellsFargo magically appeared in 
> front of me and I didn't even intend to go there .. I was 
> just surfing for porn .. Let me hurridly download some stuff 
> from there and give it my account details"
> 
>  -->
> 
> 
> 
> --
> http://www.malware.com
> 
> 
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
>  
> 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ