Hey Dhruv, Effective and a good report. Thx for sharing.
Regards! Bishwaroop ----- Original Message ----- From: "Soi, Dhruv" [[email protected]] Sent: 01/06/2010 03:49 PM ZE5B To: <[email protected]> Subject: [Owasp-delhi] More attackers targeting Social Networking and software vendors sites There has been massive increase in targeted attacks in last few months. Malware writers prefer to infect victims using vulnerabilities in Microsoft Products and Adobe. There has been increase in MS/Adobe 0-days that helps malware hop from one machine to another with its payload which most of the times reports to a botnet. Social networking websites like Twitter and Facebook are becoming prime source for attackers to carry targeted attacks. Recently Mcafee published a report on 2010 Threat prediction: http://www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_pred ict_1209_v2.pdf Recently, we also found similar mass attack using MS Word vulnerability and detailed report has been published here: http://torridnetworks.com/index.php/case-studies/50-information-security/139 -malware-analysis-report-for-a-targeted-attack-via-word-document-carried-out -against-few-sensitive-email-accounts-belonging-to-elite-customer-of-torrid. html Also, many corporate are coming up with social media policy for all their employees while using social networking portals which I think makes lot of sense to protect corporate from identity theft. Is there something similar happening at your organization as well? Many Thanks, Dhruv
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi The information transmitted is intended only for the person(s)or entity to which it is addressed and may contain confidential and/or legally privileged material. Delivery of this message to any person other than the intended recipient(s) is not intended in any way to waive privilege or confidentiality. Any review, retransmission, dissemination or other use of , or taking of any action in reliance upon, this information by entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. For Translation: http://www.baxter.com/email_disclaimer
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
