Yep, that's one of the best attack vectors! - Josh
On May 23, 2017 6:26 AM, "Mike Hammett" <[email protected]> wrote: > Some of them take advantage of vulnerabilities in anti-malware systems so > the user really doesn't have to do anything. > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > *From: *"Josh Reynolds" <[email protected]> > *To: *[email protected] > *Sent: *Tuesday, May 23, 2017 12:25:06 AM > *Subject: *Re: [AFMUG] malware > > It's very possible, I've just never heard of an exploit that doesn't > actually require you to run the payload > > - Josh > > On May 23, 2017 12:22 AM, "Steve Jones" <[email protected]> wrote: > >> that's like super old (not that wannacry is all that new) >> its amazing to me that malware is such a thing >> fuckballs stuxnet is still live >> are humans retarded? >> >> On Tue, May 23, 2017 at 12:15 AM, Josh Reynolds <[email protected]> >> wrote: >> >>> I don't know which one that you are talking about, but there is a much >>> more advanced exploit floating around. One of the infection methods is to >>> auto download a file when loading a web page... When the user opens the >>> folder, the windows handler that loads the file icon from inside the >>> program, which then silently transmits that users credentials to a remote >>> SMB server. >>> >>> Nasty stuff. >>> >>> - Josh >>> >>> On May 23, 2017 12:03 AM, "Steve Jones" <[email protected]> >>> wrote: >>> >>>> lol, better not be another one >>>> just seems like this wannacry thing is way blown out of proportion, I >>>> haven't seen anything to indicate its any more virulent or invasive than >>>> the standard malware, just happens it did a targeted phish of known >>>> unprotected targets >>>> >>>> On Mon, May 22, 2017 at 10:16 PM, Jay Weekley < >>>> [email protected]> wrote: >>>> >>>>> Is this a new way of announcing your wife is having a baby? >>>>> >>>>> Steve Jones wrote: >>>>> >>>>>> I not an absurd lack of hype over this on this list when every other >>>>>> list is popping off >>>>>> Am I the only one that sees this as similar to the whole UBNT mishap? >>>>>> don't follow standard practices, pay the price? >>>>>> I'm inclined to block the ports as a mechanism of being a good >>>>>> steward of the interwebs, but shouldn't I have already been dropping >>>>>> those? >>>>>> as an ISP >>>>>> I'm tempted to push OS migration, but shouldn't I have already been >>>>>> doing so as an IT services guy. >>>>>> I'm tempted to keep current patches, but shouldn't I have already >>>>>> been doing so? >>>>>> I have no expectation that none of my contact customers will not be >>>>>> impacted... by choices they made in our contract. >>>>>> This doesn't seem like its a NEW thing >>>>>> >>>>>> <http://www.avg.com/email-signature?utm_medium=email&; >>>>>> utm_source=link&utm_campaign=sig-email&utm_content=emailclient> >>>>>> Virus-free. www.avg.com <http://www.avg.com/email- >>>>>> signature?utm_medium=email&utm_source=link&utm_campaign= >>>>>> sig-email&utm_content=emailclient> >>>>>> >>>>>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> >>>>>> >>>>> >>>>> >>>> >> >
