lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACqxkWK44sZP+PQkuZ_74=jPrFQKuLz9MS=5=oOXG_VX2sAzCw@mail.gmail.com>
Date: Fri, 5 Oct 2012 18:51:04 +0100
From: Nick Boyce <nick.boyce@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Your account could be at risk of
 state-sponsored attacks

On Fri, Oct 5, 2012 at 8:04 AM, Aftermath <aftermath.thegreat@...il.com> wrote:

> In the last two weeks some of my cyber friends have been getting this
> message in their gmail.
>
> http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=2591015
[...]
> Has anyone else gotten this message from Google in the last 3 days?
> Mine was  Tue, 2 Oct 2012 22:34:31 -0700

Nope - no such messages received at this Gmail address - I also looked
in the Spam folder back as far as 25th.Sept .. none there either.

Nor have I received any emails with suspicious attachments at this
address .... though I'm bombarded by them at various other non-Google
addresses.  Googlemail seems to have pretty good filtering of
mainstream malware and spam, so I find your story a little puzzling.

NB: the Googlemail support page the link points to says you should
have been directed there by a message "above your inbox", *not* in the
body of an actual email.

As the support page says, they also use other indicators to decide you
may be being targeted, such as "suspicious login attempts".

Maybe your cyber-friend-group is resident in a particularly targeted
geographical region and Google knows it .... or maybe Google *has*
successfully detected _some_ malware on its way to you, and noticed
that the malware is sufficiently mutable in character (polymorphic)
that other variants may have made it through undetected.

Nick
-- 
Q: How many Bavarian Illuminati does it take to screw in
a lightbulb?
A: Three: one to screw it in, and one to confuse the issue.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ