I had to use that MS form just a few days ago (a phishing coming from an authenticated O365 account) and didn't have the same experience ... actually I was even positively surprised they put recaptcha on their form (SNDS has a much more old-school captcha). Also, I don't recall ever seeing recaptcha expire, on any website. Sometimes it fails, but I don't recall it mentioning something expired. Did you validate it before filling in the long form?
> With their budgets and size, don't we expect a little more resources devoted
> to fast take downs and detections?
> Especially when it is so easy to detect
> [...]
> But what the real peeve off is, for all the hard working people in infosec,
> when they can't get them shut down in a timely manner.

I guess it's not that easy. I mean, have an open form or contact method, and you'll get a shipload of noise. So it can't be _that_ easy. But as you say, if it's too hard it becomes less efficient, as time counts to prevent bad things from happening. So yes, when an educated anti-abuse fighter submits an abuse report, it's a godsend and it better be taken into account quickly. Identifying those good guys is one of the numerous challenges.

> Or do we have to wait for the politicians to get hacked, and have them start
> handing out big fines to get this addressed.

Oh no, they'd be victims, you wouldn't want to ask victims to pay, would yah =)

--
Benjamin

-----Original Message-----
From: mailop <mailop-boun...@mailop.org> On Behalf Of Michael Hallager via mailop
Sent: dimanche 1 septembre 2019 04:25
To: mailop@mailop.org
Subject: Re: [mailop] Another example of why infosec people give up on reporting..

On 2019-09-01 07:31, Michael Peddemors via mailop wrote:
> https://portal.msrc.microsoft.com/en-us/engage/cars
>
> By the time you finished filling all the fields out, and hit submit it
> tells you the recaptcha has expired and to 'reload the page', and of
> course with it all the information you just spent 10 minutes filling
> in..
>
> *sigh*
>
>

Meh! just blacklist instead. ;)

Just like nstorage.org. After days of dictionary attacks by their IPs I reported it to them and never heard back. Oh well, I bet their IPs are blocked in lots of places now with an attitude like that.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop