lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 Aug 2021 15:26:57 -0400 From: Jeffrey Walton <noloader@...il.com> To: Nick Boyce <nick.boyce@...il.com> Cc: Full Disclosure List <fulldisclosure@...lists.org> Subject: Re: [FD] Spammers Using storage[.]googleapis[.]com ?!!? On Tue, Aug 3, 2021 at 1:35 PM Nick Boyce <nick.boyce@...il.com> wrote: > > I notice that among the spam in my Gmail spam folder, there are a > number of "address-check" type messages (i.e. that just seek > confirmation my address exists), which attempt to get their response > by performing a scripted redirect via a web property belonging to > Google ...... and I tend to think "Huh? ... Surely Google wouldn't let > that happen ... is this redirect something that by some chance they > don't know about ?". > > Every link in the spam has the following HREF: > > https://storage[.]googleapis[.]com/medya00/redirectDOM80.html#[long-alphanum-string-that-presumably-identifies-me] > ... > FWIW, people complain that Amazon AWS is also abused in the same way. > > [No, I haven't bothered to let Google know directly - all of my > attempts to let them know about other minor issues with their services > have just resulted in a deafening silence - but I will try if folks > think I should.] That's nothing compared to Sharepoint and sharepointonline.com. I get 10 to 20 pieces of offensive emails daily from Microsoft's cesspool. All using those useless redirects under the guise of "sharing a document" with me and offering me sex. Microsoft has more garbage spewing from their web properties than Amazon, Google, IBM, Salesforce and Rackspace combined (based on my experience). sharepointonline.com is the crack neighborhood of the virtual world. Microsoft is a slumlord... Jeff _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists