Interesting article over at Krebs On Security: http://krebsonsecurity.com/2011/09/right-to-left-override-aids-email-attacks/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+KrebsOnSecurity+%28Krebs+on+Security%29
It talks about a unicode character that reverses ordering from right to left that had apparently been used to change the order of characters. For example, making: thefilenamedoc.exe display as thefilenameexe.doc I've not seen this, but was wondering if there's a way to have ASSP block emails with an attachment that has this unicode character. Some thought might be necessary if we're going to consider url's that also have it. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
