Outlook Express Weakness / Solaris Apache Bug / Winamp Exploitation / Translations / End of Internet / Social Engineering Story
Outlook Express Weakness
Today we received a report from Juha-Matti Laurio. He reported a flaw in Outlook Express 6, which may disclose email addresses in "BCC:" fields to other recipients when sending multipart messages, which is disabled by default.
This weakness was confirmed by our ISC Handler Lorna, which gave a simple and complete explanation:
"Just like fragmentation...only the first email from the fragmented original
message contains the Bcc list."
Juha-Matti also reported it to Secunia, which published an advisory about it with more details.
Reference: http://secunia.com/advisories/12376/
Solaris Apache Bug
Another interesting advisory from Secunia is about Multiple Vulnerabilities in Apache for Sun Solaris. "These vulnerabilities can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system."
Time to Patch!
Reference: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628
http://secunia.com/advisories/12377/
Winamp Exploit used in the wild
We received information about Winamp vulnerability being exploited. An exploit is already public available and is reported being used in the wild.
Reference: http://secunia.com/advisories/12381/
Translations
ISC Handler Tom Liston, on his diary on August 23rd, on the 'Follow the Bouncing Malware, Part II' topic,mentioned:
"...And some downright bizarre stuff:
Hara Hara Mahadev !!!
tum agar badshah hai to hum eespeek ka yekka!
(Would anyone care to enlighten me?)"
A reader sent the translation to us:
"This appears to be Hindi, the translation of which is approximately:
Illuminating, Illuminating Eminence!!!
If you are a king then accept a lesson of a bug!"
and
"Hara Hara Mahadev !!!
tum agar badshah hai to hum eespeek ka yekka!"
Green green big king!!!
If you are a king then we are Ace of (what ever eespeek is)
End of Internet
An update about 'The End of Internet' prediction came from VirusList website.
According the VirusList website, some news agencies misinterpreted Kaspersky words.
"...The story stems from brief comments made
yesterday at a press conference which was dedicated to cybercrime and the
problems of spam.
At this press conference, Kaspersky commented that the possibility of
terrorists using the Internet as a tool to attack certain countries was
a reality. As an example, he cited the fact that a number of Arabic and
Hebrew language websites contained an announcement of an 'electronic
jihad' against Israel, to start on 26th August 2004."
Reference: http://www.viruslist.com/eng/index.html?tnews=461517&id=2100900
Social Engineering
This is a little story about social engineering and what you could do to avoid future problems.
Average Joe's wife received a phone call about 7:00pm from an alleged employee of Joe's adsl phone company provider, offering a software called SoS-Phone, to be installed in Joe's computer, to enhance the internal network security, for a cost of only 1 dollar/month. For that, he had to arrange a visit to Joe's house to check the computer environment.
Average Joe's wife ask the guy to call later because she had to talk to his husband first and he wasnt there. Then, she called his brother-in-law asking about that, because Joe's brother works in the security department of the same Phone Company!:) and then discovered that there was no such product!
Possible usage of this attack:
- Install malicious software to steal credit card number, passwords...
- Use this to get into your home and rob your house
- ...
In this example, if she wasn't lucky enough to have someone that she could verify, she could follow some steps to identify such scams:
- Check with the company if such product really exists, using 800 numbers, internet...
- Ask for name and a phone number that you could call back and verify the credentials
- use your common sense
believe...this CAN happen...
I am Joe's brother and this happened yesterday...:)
------------------------------------------------------------------
Olympic Games 2004 Status: Brazil 2 Gold/ 1 Silver/ 2 Bronze
Handler on Duty: Pedro Bueno <bueno/AT/ieee.org>
Today we received a report from Juha-Matti Laurio. He reported a flaw in Outlook Express 6, which may disclose email addresses in "BCC:" fields to other recipients when sending multipart messages, which is disabled by default.
This weakness was confirmed by our ISC Handler Lorna, which gave a simple and complete explanation:
"Just like fragmentation...only the first email from the fragmented original
message contains the Bcc list."
Juha-Matti also reported it to Secunia, which published an advisory about it with more details.
Reference: http://secunia.com/advisories/12376/
Solaris Apache Bug
Another interesting advisory from Secunia is about Multiple Vulnerabilities in Apache for Sun Solaris. "These vulnerabilities can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system."
Time to Patch!
Reference: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628
http://secunia.com/advisories/12377/
Winamp Exploit used in the wild
We received information about Winamp vulnerability being exploited. An exploit is already public available and is reported being used in the wild.
Reference: http://secunia.com/advisories/12381/
Translations
ISC Handler Tom Liston, on his diary on August 23rd, on the 'Follow the Bouncing Malware, Part II' topic,mentioned:
"...And some downright bizarre stuff:
Hara Hara Mahadev !!!
tum agar badshah hai to hum eespeek ka yekka!
(Would anyone care to enlighten me?)"
A reader sent the translation to us:
"This appears to be Hindi, the translation of which is approximately:
Illuminating, Illuminating Eminence!!!
If you are a king then accept a lesson of a bug!"
and
"Hara Hara Mahadev !!!
tum agar badshah hai to hum eespeek ka yekka!"
Green green big king!!!
If you are a king then we are Ace of (what ever eespeek is)
End of Internet
An update about 'The End of Internet' prediction came from VirusList website.
According the VirusList website, some news agencies misinterpreted Kaspersky words.
"...The story stems from brief comments made
yesterday at a press conference which was dedicated to cybercrime and the
problems of spam.
At this press conference, Kaspersky commented that the possibility of
terrorists using the Internet as a tool to attack certain countries was
a reality. As an example, he cited the fact that a number of Arabic and
Hebrew language websites contained an announcement of an 'electronic
jihad' against Israel, to start on 26th August 2004."
Reference: http://www.viruslist.com/eng/index.html?tnews=461517&id=2100900
Social Engineering
This is a little story about social engineering and what you could do to avoid future problems.
Average Joe's wife received a phone call about 7:00pm from an alleged employee of Joe's adsl phone company provider, offering a software called SoS-Phone, to be installed in Joe's computer, to enhance the internal network security, for a cost of only 1 dollar/month. For that, he had to arrange a visit to Joe's house to check the computer environment.
Average Joe's wife ask the guy to call later because she had to talk to his husband first and he wasnt there. Then, she called his brother-in-law asking about that, because Joe's brother works in the security department of the same Phone Company!:) and then discovered that there was no such product!
Possible usage of this attack:
- Install malicious software to steal credit card number, passwords...
- Use this to get into your home and rob your house
- ...
In this example, if she wasn't lucky enough to have someone that she could verify, she could follow some steps to identify such scams:
- Check with the company if such product really exists, using 800 numbers, internet...
- Ask for name and a phone number that you could call back and verify the credentials
- use your common sense
believe...this CAN happen...
I am Joe's brother and this happened yesterday...:)
------------------------------------------------------------------
Olympic Games 2004 Status: Brazil 2 Gold/ 1 Silver/ 2 Bronze
Handler on Duty: Pedro Bueno <bueno/AT/ieee.org>
Keywords:
0 comment(s)
×
Diary Archives
Comments
Anonymous
Dec 3rd 2022
9 months ago
Anonymous
Dec 3rd 2022
9 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
Anonymous
Dec 26th 2022
8 months ago
Anonymous
Dec 26th 2022
8 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
8 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
8 months ago
Anonymous
Dec 26th 2022
8 months ago
https://defineprogramming.com/
Dec 26th 2022
8 months ago
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/
https://defineprogramming.com/
Dec 26th 2022
8 months ago
rthrth
Jan 2nd 2023
8 months ago