Stop using IE because same exploit is now available in metasploit, available to script kiddies. Here is the complete information with video as well: http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/
Many attackers are capitalizing on this one. It started with a targeted attack and now is suspected to lead to a large-scale attack. From: [email protected] [mailto:[email protected]] On Behalf Of Jayesh KS Sent: 15 January 2010 16:11 To: [email protected] Cc: [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Google may wrap up business from China Here is some more information about the attack on google, adobe and other 30 plus corporates, http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/ http://www.theregister.co.uk/2010/01/14/cyber_assault_followup/ Thanks. /jayesh On Fri, Jan 15, 2010 at 3:45 PM, Soi, Dhruv <[email protected]> wrote: I am in touch with the concerned people conducting the investigation. Through unofficial channels I can say that the data espionage process had three pronged approach. Using the compromised data centre, anonymous VPNs and TOR exit relays. The investigating party conducted the counter espionage operation and compromised one of the data centres used in the attack. Through this way they were able to trace the real mothership of the attack i.e. China. From: [email protected] [mailto:[email protected]] On Behalf Of Muslim Koser Sent: 15 January 2010 15:22 To: [email protected]; [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Google may wrap up business from China Very interesting, but would really like to know the basis on which they think the attack originated from China, was it analysis of IP address which seems to be from China ? the report itself says that attackers used multiple proxies to reach target, then what was the process used to identify the actual original point ? Did the malware embedded in PDF had any specific signatures which suggest this link ? Would love to go in to deep in this case Muslim From: [email protected] [mailto:[email protected]] On Behalf Of Soi, Dhruv Sent: 15 January 2010 15:10 To: [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Google may wrap up business from China How about this one? http://www.metacafe.com/watch/4025565/chinese_hackers_target_pmo_computers_headlines_today/ Prime Minister Office compromised by Chinese buddies. From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 15 January 2010 12:32 To: [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Google may wrap up business from China Check this out – http://www.theaustralian.com.au/business/media/google-mulls-china-exit-after-cyber-attack/story-e6frg996-1225818786765 Thanks & Regards, Venkatesh Jagannathan (Venki) | Digital Security Practice |Ë: +91-91766 VENKI | +: 443037 |É: +91-44-47403000 x:443037 | ý: http://www.cognizant.com |€: http://www.linkedin.com/in/heyvenki P Avoid plastics. Use recycled paper bags. Save Trees. Avoid Printing. +----------------------------------------------------------------------------+ | Thinking is the Capital, Enterprise is the way, Hard Work is the solution. | | Avul Pakir Jainulabdeen Abdul Kalam - Ignited Minds. | +----------------------------------------------------------------------------+ From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Wednesday, January 13, 2010 3:37 PM To: [email protected]; [email protected] Subject: [Owasp-delhi] Google may wrap up business from China Have a look at it: http://news.bbc.co.uk/2/hi/business/8455712.stm http://googleblog.blogspot.com/2010/01/new-approach-to-china.html -- Thanks & Regards, Nilesh Kumar, Engineer-Security| Honeywell Technology Solutions http://www.honeywell.com/ www.nileshkumar83.blogspot.com www.linkedin.com/in/nileshkumar83 Mobile- +91-9019076487 _______________________________Honeywell Honeywell Technology Solutions Lab This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
