Re: [Full-disclosure] Setting the record straight on "The Return of Koobface"




Absolutely you are correct, but if you check the blog there are further
references up to last Friday. It was a tremendous, jaw-dropping flood of
Kooberz proxies the last two weeks. And it's still coming.

The point is us Little Guys are paying attention, too. And sometimes we
catch this shit before the Big Boys like Dancho and Kaspersky wake up and
smell the coffee. Since February I've been wondering Why The Hell I hadn't
heard anything in the ITsec press on this new resurgence. Did they hold
back so Dancho could publish his "Ten Things You Didn't Know About The
Koobface Gang" article? Or so Microsoft could gloat over "taking down" the
Wimpy Waledac botnet? Is the Good News always published before the Bad News
in the security industry press release cycle?

The fact remains, Koobface marches on and the security industry can't stop
it. Period. I will be among the first to jump up and down and yell "RA!"
when someone takes it down, but it ain't going to happen soon. All I can do
is sit back and watch while the Big Boys get their headlines.

BTW, I don't consider myself "bitter". I'm what you might call "tangy".

Thanks for your support,

Hinky

----- Original Message -----
From: J Roger
To: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Saturday, March 20, 2010 3:28 PM
Subject: Re: [Full-disclosure] Setting the record straight on "The Return
of Koobface"


This reads as "waaa I noticed this first and didn't think much of it but now
that someone else is making a big deal, I want my credit". Maybe you
reported on it first on your blog, with a single sentence that wasn't even
the primary focus of the post. Regardless of whether an uprise in Koobface is
significantly newsworthy or not, you apparently failed to draw enough
attention (or the right attention) to it at the time.

In other words, maybe you did it first, but someone else did it better.

What's more valuable to an enterprise, someone that quickly writes a risk
assessment that's so sloppy the management with authority to act on the
findings don't even bother to read it, or someone that takes the time to
write a report on the same findings that actually speaks to the business and
is able to make positive changes happen?

You talk about being bitter towards the security industry (which IS
understandable) but maybe it's time to reflect back a little on yourself.
Maybe it's not ALL the industry's fault. Maybe the sources of your
bitterness have a little something to do with your inability to make enough
of the right things happen. Sure you're a "Big Time Security Professional",
but maybe your blog wasn't enough to get the word out. Maybe you felt it
wasn't even worth getting the word out or sounding any alarms. If that's the
case though, don't go back now and try to take credit.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


