| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <418AB545.9030809@lava.net> From: prb at lava.net (Peter Besenbruch) Subject: New Phising attack FUD or Real? Dave King wrote: > There have been several sites that have announced a new phishing > attack that's been found in Brazil that rewrites the hosts file so > that when certain bank urls are entered they get directed to the site > in the hosts file rather than look it up on their DNS server.... > > Let me know if I'm wrong and other mail clients would be vulnerable > to this attack or if SP2 machines are vulnerable. I also believe it > is a good idea to disable WSH unless you need it (as it's a good idea > to disable anything you don't use). > Here are links to several stories about this new phishing scan. Here is another, and it answers some of your questions: http://www.theregister.com/2004/11/04/phishing_exploit/ The short answer is XP, SP2 is not vulnerable. Neither is any e-mail program that blocks Javascript in an e-mail. It also helps if the e-mail program doesn't use, or support ActiveX. > the only article that seems to says anything about patched users > being protected that I could find was this one: > http://software.silicon.com/security/0,39024655,39125549,00.htm In fairness to Microsoft, recent versions of Outlook and Outlook Express allow you to block the execution of scripting in an e-mail message, indeed, they are set to block scripts by default. ________________________________________________________________ Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky
Powered by blists - more mailing lists