Re: [Full-disclosure] All China, All The Time



Not based on what I've read - it was a coordinated attack via email attachments, etc. But who really knows? Homeland Security described the "equipment" used in the "bombing" of flight 253 to be "a sophisticated device. It was gunpowder sewn into the crotch of dude's tighty-whities.

But, I must say, at least someone found a use for that flap think in the front of the underwear. I mean, I know what it's for, but I don't know anyone that actually uses it.

Oop, just made up a joke. "What kind of underwear to Nigerian terrorists wear? Fruit of the Boom." Badum.

t



From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of James Matthews
Sent: Thursday, January 14, 2010 7:48 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] All China, All The Time

They used an IE exploit to get in. I don't understand Google said that they used a complex way to access their systems. AFAIK many home users are hacked daily the same way....


On Thu, Jan 14, 2010 at 7:44 PM, Ivan . <ivanhec@xxxxxxxxx<mailto:ivanhec@xxxxxxxxx>> wrote:
Interesting article on zdnet, talking about the targeting of the
lawful intercept system at Google

...they [hackers] apparently were able to access a system used to help
Google comply with search warrants by providing data on Google users,
said a source familiar with the situation, who spoke on condition of
anonymity because he was not authorized to speak with the press.
"Right before Christmas, it was, 'Holy s***, this malware is accessing
the internal intercept [systems],'" he said.

http://blogs.zdnet.com/Foremski/?p=1047

2010/1/15 Michael Holstein <michael.holstein@xxxxxxxxxxx<mailto:michael.holstein@xxxxxxxxxxx>>:

With all the hubbub around China yet again, I would like to remind you of the utilities available at Hammer of God that allow one to completely block any or all traffic to or from China or any other country in the world via ISA/TMG.


Source for pre-built blocklists in DNSBL, CIDR, or Cisco ACL format :

http://www.okean.com/thegoods.html

Regards,

Michael Holstein
Cleveland State University


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



--
http://www.goldwatches.com

--




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
    ... Does that mean that Google and Co are attacking the researcher? ... [Full-disclosure] Google vulnerabilities with PoC ... Certified Application Security Specialists: ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Fwd: [SA-GOOGLE-420] Leslie Hawthorn - Geek herder, druggy, pe
    ... [Full-disclosure] Leslie Hawthorn - Geek ... You could imagine I am quite partial of Google for their ... Being a "weekend warrior" (Doing recreational drugs on the ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Google Maps XSS (currently unpatched)
    ... I try the POC and I get a javascritp alert with the text "Google Sucks":P ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Does someone know this guy at google?
    ... I have no idea if he works for Google but I don't think that someone would use their real name and real home phone number in a scam. ... my cell phone is in my domain whois and that's not a reason to be cell blasted looser... ... Full-Disclosure - We believe in it. ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
    ... Does that mean that Google and Co are attacking the researcher? ... [Full-disclosure] Google vulnerabilities with PoC ... Certified Application Security Specialists: ...
    (Full-Disclosure)