lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 12 Jan 2009 09:29:07 +1100 (EST)
From: "Chris Wallis" <work@...ek.org>
To: full-disclosure@...ts.grok.org.uk
Subject: US-CERT Current Activity - Malicious Code
 Circulating via Israel/Hamas Conflict Spam Messages

Just got this from US Cert. With what's going on with this list. I fought
I might share with you all...

With some of the crap on this list lately I really do hope it is spambots...

~Chris Wallis


__________
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

Original release date: January 9, 2009 at 9:25 am Last revised: January 9,
2009 at 9:25 am


US-CERT is aware of public reports of malicious code circulating via spam
email messages related to the Israel/Hamas conflict in Gaza.
These messages may contain factual information about the conflict and
appear to come from CNN. Additionally, the messages indicate that
additional news coverage of the conflict can be viewed by following a link
provided in the email body. If users click on this link, they are
redirected to a bogus CNN website that appears to contain a video.
Users who attempt to view this video will be prompted to update to a new
version of Adobe Flash Player in order to view the video. This update is
not a legitimate Adobe Flash Player update; it is malicious code. If users
download this executable file, malicious code may be installed on their
systems.

US-CERT encourages users and administrators to take the following
preventative measures to help mitigate the security risks:
  * Install antivirus software, and keep the virus signatures up to
    date.
  * Do not follow unsolicited links and do not open unsolicited email
    messages.
  * Use caution when visiting untrusted websites.
  * Use caution when downloading and installing applications.
  * Obtain software applications and updates directly from the
    vendor's website.
  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
    for more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
    document for more information on social engineering attacks.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

====
This entry is available at
http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
=PU6L
-----END PGP SIGNATURE-----




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists