lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: prb at lava.net (Peter Besenbruch)
Subject: New Phising attack FUD or Real?

Dave King wrote:

> There have been several sites that have announced a new phishing
 > attack that's been found in Brazil that rewrites the hosts file so
 > that when certain bank urls are entered they get directed to the site
 > in the hosts file rather than look it up on their DNS server....
> 
> Let me know if I'm wrong and other mail clients would be vulnerable
> to this attack or if SP2 machines are vulnerable.  I also believe it
 > is a good idea to disable WSH unless you need it (as it's a good idea
 > to disable anything you don't use).

> Here are links to several stories about this new phishing scan.

Here is another, and it answers some of your questions:
http://www.theregister.com/2004/11/04/phishing_exploit/

The short answer is XP, SP2 is not vulnerable. Neither is any e-mail
program that blocks Javascript in an e-mail. It also helps if the e-mail
program doesn't use, or support ActiveX.

> the only article that seems to says anything about patched users
> being protected that I could find was this one:
> http://software.silicon.com/security/0,39024655,39125549,00.htm

In fairness to Microsoft, recent versions of Outlook and Outlook Express
allow you to block the execution of scripting in an e-mail message,
indeed, they are set to block scripts by default.
________________________________________________________________

Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky


Powered by blists - more mailing lists