lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20081115203858.BD7A32803D@smtp.hushmail.com>
Date: Sat, 15 Nov 2008 15:38:58 -0500
From: adrian.lamo@...hmail.com
To: phisher_hunter@...oo.com, rholgstad@...il.com, juha-matti.laurio@...ti.fi
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: OS X malware family has a new member:
	OSX.Lamzev.A

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What the fuck are you talking about now, n3td3v?  There is no
mention of a vulnerability.  There is no evolving situation.
Please keep your technically misunderstood blogging to your own
internet site and off of our lists.  You probably don't even know
what the differences are between zeroday exploits, 0day exploits,
unknown vulnerabilities, known vulnerabilities, and exploits being
found in the wild, do you?

- -adrian
(not the homeless dude, the other one)

On Sat, 15 Nov 2008 05:38:34 -0500 Juha-Matti Laurio <juha-
matti.laurio@...ti.fi> wrote:
>This is and was the situation when writing the entry.
>More information and information about the possibly previously
>unknown vulnerability related to the Trojan is not available.
>
>Now Symantec analysis says that
>-Trojan creates the file /tmp/com.apple.DockSettings
>-inserts its contents into ~/Library/LaunchAgents, and
>-deletes /tmp/com.apple.DockSettings.
>
>Source:
>http://www.symantec.com/business/security_response/writeup.jsp?doci
>d=2008-111315-1230-99&tabid=2
>
>Juha-Matti
>
>Mario D [phisher_hunter@...oo.com] kirjoitti:
>> They may be under pressure from Apple to not release details. 
>Remember the MacBook wireless drama?
>>
>> --- On Fri, 11/14/08, rholgstad <rholgstad@...il.com> wrote:
>> From: rholgstad <rholgstad@...il.com>
>> Subject: Re: [Full-disclosure] OS X malware family has a new
>member: OSX.Lamzev.A
>> To: "Juha-Matti Laurio" <juha-matti.laurio@...ti.fi>
>> Cc: full-disclosure@...ts.grok.org.uk
>> Date: Friday, November 14, 2008, 12:27 PM
>>
>> Sweet more non-tech writeup from securiteam. I am beginning to
>wonder if
>> securiteam is really a technical company or just a bunch of
>clueless
>> journalists like Nate McFeters.
>>
>> Juha-Matti Laurio wrote:
>> > New Trojan horse for Mac OS X found, the Trojan is known as
>OSX.Lamzev.A
>> by Symantec.
>> >
>> > A short history of Mac malware:
>> > Mac.Hovdy.a (June '08),
>> > OSX.Exploit.Launchd (June '06), and
>> > Leap.A (February '06).
>> >
>> > More at
>> > http://blogs.securiteam.com/?p=1160
>> >
>> > Juha-Matti
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAkkfM2IACgkQ8J2EGU1ixm7HygP/bsjkw5HQFHmwSUdhS7xpamtdlEdu
J47Iw4WLYkIGVqPsdZnMwZQ2SaptCAAw7Kuu2QoWX4A7/wFHcVJk3ztQgrrzov1KV4qz
AlDHt3s42zStFk1ppdtEESGokIsT02WufxhA/EdofN6lsgiZ3Wx/1FcEAqtW7QW9eayM
1YOkVRk=
=yA13
-----END PGP SIGNATURE-----

--
Go to massage therapy school and make up to $150/hour, click now!
http://tagline.hushmail.com/fc/PnY6qxsbdahOU8beZPfXxw6fIQ1P7sUQVKoI5wzcqomKxIPI9eyrG/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ