Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Monster Phish Bait

Published: 2006-11-10
Last Updated: 2006-11-10 19:26:04 UTC
by Tony Carothers (Version: 1)
0 comment(s)
A reader recently submitted for review a new phish attempt which asks readers to download the "new Monster Job Seeker Tool".  The email looks authentic, as the HTML source code is pulling images from monster.com, as well as having links to other monster.com pages, however the download does not come from monster.com.  The download software link pulls the download from monster-freesoftware.com.  Of course, what is downloaded is not something monster.com would approve of.

I have sent a copy of the email to abuse@monster.com for their records as well.
Keywords:
0 comment(s)

A busy Black Tuesday coming up.....

Published: 2006-11-10
Last Updated: 2006-11-10 17:21:59 UTC
by Tony Carothers (Version: 1)
0 comment(s)
Bryan submitted today that Microsoft has sent out a pre-release notification of the goodies we can expect on Tuesday.  Taking directly from Bryan's message...
---------------------------------------------------------------------------------------------
1 patch affecting "XML Core Services", rated "critical", will require a reboot

5 patches affecting Windows, maximum rating "critical", some of these will require a reboot

New "Malicious Software Removal Tool"

2 additional "non-security high-priority updates" will be released, but only on Microsoft Update and WSUS
---------------------------------------------------------------------------------------------
Microsoft has stated here that they "will continue to support Software Update Services (SUS) 1.0 until December 6, 2006. Microsoft will no longer support SUS 1.0 after this date."  That means this is the last chance to finish testing WSUS for use on the production networks.

Thank you Bryan for the great information
Keywords: Microsoft SUS WSUS
0 comment(s)
Diary Archives