RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security

From: Mark Laurence (m.laurence_at_groveindependentschool.co.uk)
Date: 07/02/04

  • Next message: Marek Isalski: "Re: [Full-Disclosure] Presidential Candidates' Websites Vulnerable" 
    To: <1@malware.com>, <full-disclosure@lists.netsys.com>
Date: Fri, 2 Jul 2004 09:49:29 +0100

    I think the most likely scenario for the windows update thing would be that
    you would click on a link from a site you are surfing that advises you to
    install the latest updates by visiting windowsupdate. You follow the link,
    address bar looks good so you have no reason to expect a problem.
    The malicious link would have inserted a frame that looks like the scan for
    updates page, the user follows the scan for updates, installs what he thinks
    is a legit security update, which is in fact a piece of spyware or a trojan.
    User reboots and thinks nothing of it....in the meantime he has become a
    host for a load of p0rn or a gateway for hackers to use for anything they
    want.
    IMO anyway
    Mark

    > -----Original Message-----
    > From: full-disclosure-admin@lists.netsys.com
    > [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
    > http-equiv@excite.com
    > Sent: 02 July 2004 03:52
    > To: full-disclosure@lists.netsys.com
    > Subject: RE: RE: SUPER SPOOF DELUXE Re: [Full-Disclosure]
    > Microsoft and Security
    >
    >
    >
    > What an utterly pathetic scenario you present. Obviously
    > you're blissfully unaware of the current security trend of
    > site spoofing, 'phishing', url spoofing, DNS spoofing, zone
    > spoofing and on and on and on.
    >
    > and of course now very the latest 'security expert spoofing' !
    >
    > <!--
    >
    > "Your subject makes it sound like this is a spoofing vulnerability"
    >
    > You have to look at the prerequisite attack scenario. You are
    > surfing to some random site and out of nowhere it opens
    > WellsFargo.com or WindowsUpdate. At this point you are
    > thinking one of 2 things, either
    >
    > "What the.. I didn't go to WindowsUpdate/WellsFargo .. Let me
    > just close that window .. Damn popups"
    >
    > or
    >
    > "Hey how nice, WindowsUpdate/WellsFargo magically appeared in
    > front of me and I didn't even intend to go there .. I was
    > just surfing for porn .. Let me hurridly download some stuff
    > from there and give it my account details"
    >
    > -->
    >
    >
    >
    > --
    > http://www.malware.com
    >
    >
    >
    >
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >
    > ---
    > Incoming mail is certified Virus Free.
    > Checked by AVG anti-virus system (http://www.grisoft.com).
    > Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
    >
    > 

    ---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
  • Next message: Marek Isalski: "Re: [Full-Disclosure] Presidential Candidates' Websites Vulnerable"

    Relevant Pages
    • Quantcast