Worth Reading!!! Such issues can be deal by awareness program including other preventive steps. I guess many companies; especially large employee base has already circulated the policy regarding this.
Regards Suman ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Soi, Dhruv Sent: Wednesday, January 06, 2010 3:49 PM To: [email protected] Subject: [Owasp-delhi] More attackers targeting Social Networking and software vendors sites There has been massive increase in targeted attacks in last few months. Malware writers prefer to infect victims using vulnerabilities in Microsoft Products and Adobe. There has been increase in MS/Adobe 0-days that helps malware hop from one machine to another with its payload which most of the times reports to a botnet. Social networking websites like Twitter and Facebook are becoming prime source for attackers to carry targeted attacks. Recently Mcafee published a report on 2010 Threat prediction: http://www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_predict_1209_v2.pdf Recently, we also found similar mass attack using MS Word vulnerability and detailed report has been published here: http://torridnetworks.com/index.php/case-studies/50-information-security/139-malware-analysis-report-for-a-targeted-attack-via-word-document-carried-out-against-few-sensitive-email-accounts-belonging-to-elite-customer-of-torrid.html Also, many corporate are coming up with social media policy for all their employees while using social networking portals which I think makes lot of sense to protect corporate from identity theft. Is there something similar happening at your organization as well? Many Thanks, Dhruv Le e-mail provenienti dalla Sella Synergy India Private Ltd sono trasmesse in buona fede e non comportano alcun vincolo ne' creano obblighi per la Sella Synergy India Private Ltd stessa, salvo che cio' non sia espressamente previsto da un precedente accordo. Questa e-mail e' confidenziale. Qualora l'avesse ricevuta per errore, La preghiamo di comunicarne via e-mail la ricezione al mittente e di distruggerne il contenuto. La informiamo inoltre che l'utilizzo non autorizzato del messaggio o dei suoi allegati potrebbe costituire reato. Grazie per la collaborazione. E-mails from Sella Synergy India Private Ltd are sent in good faith but they are neither binding on the Sella Synergy India Private Ltd nor to be understood as creating any obligation on its part except where provided for an agreement. This e-mail is confidential. If you have received it by mistake, please inform the sender by reply e-mail and delete it from your system. Please also note that the unauthorized disclosure or use of the message or any attachments could be an offence. Thank you for your cooperation.
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
