On 7/28/23 17:36, Tapley, Mark B. via cctalk wrote:
TLDR:
“your computer can be infected by clicking on a single link … please click on
this single link.”
Is this an IQ test?
Did I pass?
Yes. A three letter company I worked for and another large company in
San Diego would send out less obvious emails and if you clicked on
them, would get remedial invites to training.
BTW, these are pretty simple to navigate with lynx. I downloaded a
pretty subtle one some time ago and unpacked the payload. Fun things I
didn't follow, mostly sucking in other stuff from other sites.
thanks
Jim
On Jul 9, 2023, at 2:51 PM, Todd Pisek via cctalk <[email protected]> wrote:
[EXTERNAL EMAIL]
Be aware that clicking on a malicious url can result on malware or spyware
being installed on your machine without any further action on your part. All
browsers have vulnerabilities. The most famous of these was the older version
of Pegasus by NSO back in the 2014-2016 timeframe. These so called 1-click
exploits are well known to bad actors. It’s a continuous cat and mouse game
between exploit writers and infosec. For the interested, look at this report
regarding Apple and the “Trident” series of exploits from 2016.
https://info.lookout.com/rs/051-ESQ-475/images/
pegasus-exploits-technical-details.pdf
—-Todd
P.S. Exploits have evolved considerably since Trident and now include 0-click
exploits. See Google’s Project Zero for instance.
