Phishing & BotNets Mode:
(Page 6 of 8)  < Prev  1 2 3 4 5 6 7 8  Next >
Recent Haxdoor Version Breaks SSL via Pharming 2006-02-14
Lance James (bugtraq securescience net)
An advisory written by Secure Science was issued for a recent Pharming
attack found within malware.

http://www.securescience.net/advisories/SSC_MSAT_FEB_02_2006-public.pdf

-Lance James
Author of "Phishing Exposed"

[ more ]  [ reply ]
mwcollect Alliance Launch 2006-02-03
Georg Wicherski (georg-wicherski pixel-house net)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The mwcollect Alliance has been launched today. The mwcollect Alliance
is a non-profit community effort to collect autonomously spreading
malware and share with anti-virus and vulnerability researchers. Malware
is collected with the mwcollect Malware Co

[ more ]  [ reply ]
Feds arrest alleged Internet ID thief [CNET] 2006-01-27
Nick Bilogorskiy (nick avresearch net)
Feds arrest alleged Internet ID thief

By Alorie Gilbert
http://news.com.com/Feds+arrest+alleged+Internet+ID+thief/2100-7349_3-60
31924.html

A California man who allegedly duped America Online customers into
disclosing their credit card information
over the Web was arrested on wire fraud and other

[ more ]  [ reply ]
New Phishing/Malware focused site 2006-01-21
Lance James (bugtraq securescience net)
Hi all,

I'm putting this out there, but there is a fairly new organization
called Mal-Aware.org (Malicious Activity Awareness & Response) that has
a good blog, and some neat information on their site regarding malware
analysis, and phishing activity.

It's at www.mal-aware.org if anyone is interest

[ more ]  [ reply ]
Evil Twin 2006-01-20
Saeed Abu Nimeh (drellman hotmail com)
Hi All,
Does anyone have the paper that talks about Evil Twin in WiFi by
Professor Brian Collins. I searched but no luck.
Thanks,
Saeed

[ more ]  [ reply ]
Re: Re: In-session phishing 2006-01-18
mike sharecube com

The attack you describe (popup after a few secs) is very easy to execute. A user responds on an email link and goes to a malicious web site. Instead of making a copy of a banking site, the malicious code will return a web page with some Javascript. The page opens up a new browser with the intended

[ more ]  [ reply ]
Corpse Spyware Official BleedingEdge Snort Rules 2006-01-12
Lance James (phishing securescience net)
Thanks to Matt Jonkman for getting those official for me.

http://www.bleedingsnort.com/cgi-bin/viewcvs.cgi/sigs/MALWARE/MALWARE_Co
rpsespyware?rev=1.5

--Snort Sigs below--

#from Lance James and Secure Science www.securescience.net -- Thanks Lance!
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_POR

[ more ]  [ reply ]
Snort Sigs for Phishing Malware 2006-01-11
Lance James (bugtraq securescience net)
Hi all,

I thought I'd drop off some snort sigs for Corpse Spyware that is out
there, including A-311 death and Nuclear Grabber - phishing focused
(tan grabbing) malware.

There may be some false positives, but those false positives should
also be looked at carefully, as it means it's an executable

[ more ]  [ reply ]
In-session phishing 2006-01-08
Matt Richard (matt richard gmail com) (1 replies)
I recently heard rumors of several financial institutions impacted by
"in-session phishing". The description of the attack was that the
user would log in to their internet banking site and shortly after a
pop-up would appear with a "Security Confirmation" page requesting
personal information to all

[ more ]  [ reply ]
Re: In-session phishing 2006-01-08
Rafael San Miguel Carrasco (smcsoc yahoo es) (1 replies)
Re: In-session phishing 2006-01-08
Matt Richard (matt richard gmail com) (1 replies)
Re: In-session phishing 2006-01-08
Lance James (bugtraq securescience net) (1 replies)
New to phishing 2006-02-17
Athanatos Manos (mathanatos gmail com)
RE: early detection 2006-01-06
Compton, Rich (richard compton chartercom com)
FYI, TippingPoint also has some nice filters that prevent Phishing
attacks at the network layer. They have a nice pdf white paper about
it.

-----Original Message-----
From: Alan Murphy [mailto:A.Murphy (at) F5 (dot) com [email concealed]]
Sent: Friday, January 06, 2006 1:36 PM
To: Saeed Abu Nimeh; phishing (at) securityfocus (dot) com [email concealed]

[ more ]  [ reply ]
RE: early detection 2006-01-06
Alan Murphy (A Murphy F5 com)
Saeed,

Most anti-phishing work these days is done on the client side, but there
is a decent push underway to track and protect from these on the server
side. A few examples:

Network:
- www.bleedingsnort.com has a few rules for snort that pull from and
block known phishing domains. These rules c

[ more ]  [ reply ]
WiFi phish 2006-01-05
Saeed Abu Nimeh (sabunime engr smu edu) (1 replies)
Hi List,
Do you think that there is something (may be vulnerability/ties or a
week point) in WiFi that might make a phishing attacker more successful
in a WiFi environment compared to a wired LAN.
Thanks,
Saeed

[ more ]  [ reply ]
Re: WiFi phish 2006-01-06
Jose Nazario (jose monkey org)
Fw: SF new column announcement: Zero-day holiday 2006-01-05
Nick Bilogorskiy (nick avresearch net)
> The following column was published on SecurityFocus today:
>
> Zero-day holiday
> by Kelly Martin
> 2006-01-04
>
> A few hundred million Windows XP machines lay vulnerable on the Web
> today, a week after a zero-day exploit was discovered. Meanwhile, new
> approaches and ideas from the academi

[ more ]  [ reply ]
Zombied Box with Localized Phishing? 2005-12-20
gary huntress gmail com
This is a little convoluted please bear with me.

1) I work for *.navy.mil and I spotted an XSS attack in our web logs. Very, very coincidentally, I knew the owner of the box that was attacking us. He runs a web/mail server.

2) He gave me access and I did what little forensics that I could. I

[ more ]  [ reply ]
early detection 2005-12-13
Saeed Abu Nimeh (drellman hotmail com)
Hi All,
I have two questions:
1)What are the early detection techniques used by companies to
determine/monitor phishing sites.
2) What are the techniques used for link analysis to fight phishing or
spam.
Are these tools available for users or they are specific for large
institutions. Is there a way

[ more ]  [ reply ]
Evaluation Anti-phishing tools 2005-12-08
Saeed Abu Nimeh (drellman hotmail com)
Hi List,
Do you know if there is any other anti-phishing tools available other
than these:
netcraft, spoofstick, earthlink, ebay, IE7 (phishing filter), spoofguard.
Thanks,

Saeed

[ more ]  [ reply ]
IMF 2006- Call for Papers 2005-12-06
Oliver Goebel (Goebel CERT Uni-Stuttgart DE)
Dear all,

for your information.

Please excuse possible cross-postings.

------------------------------------------------------------------------
---

CALL FOR PAPERS

IMF 2006

International Conference on

[ more ]  [ reply ]
Hi all 2005-11-29
Lance James (phishing securescience net)
This came in on the wire -
The problem url is:

http://www.govbenefits.gov/govbenefits/externalLink.jhtml?url=h%74t%70:%
2F%2F%77%77%77%2Eporterfam%2E%6F%72%67%2F2005%2F%3F_cmd=/cgibin/2005/tre
fund/id=96596,00

http://www.porterfam.org/2005/?_cmd=/cgibin/2005/trefund/id=96596,00

It's accompanied wi

[ more ]  [ reply ]
SF new column announcement: Sony-baloney by Scott Granneman 2005-11-22
Nick Bilogorskiy (nick avresearch net)
The following column was published on SecurityFocus today:

Sony-baloney
by Scott Granneman
2005-11-22

The Sony story brings up dozens of questions about where we are headed
with DRM issues and security, and what's really at stake.

http://www.securityfocus.com/columnists/370

Nick

[ more ]  [ reply ]
RE: valid problem 2005-11-10
William Tarkington (William Tarkington openwave com)


-----Original Message-----
From: Jose Nazario [mailto:jose (at) monkey (dot) org [email concealed]]
Sent: Thursday, November 10, 2005 12:08 PM
To: Null, Corey
Cc: Lance James; Stejerean, Cosmin; Saeed Abu Nimeh;
phishing (at) securityfocus (dot) com [email concealed]
Subject: RE: valid problem

On Thu, 10 Nov 2005, Null, Corey wrote:

>> If I want to si

[ more ]  [ reply ]
RE: valid problem 2005-11-10
Null, Corey (Null Corey principal com) (2 replies)
If I want to sign up, how do you know I'm not a phisher?

Corey Null
Principal Financial Group
Desk (515) 235-9045
Cell (515) 771-3855
Fax (866) 736-4764

-----Original Message-----
From: Lance James [mailto:lancej (at) securescience (dot) net [email concealed]]
Sent: Wednesday, November 09, 2005 11:36 PM
To: Stejerean, Cosm

[ more ]  [ reply ]
Re: valid problem 2005-11-10
Justin B. Alcorn (justin jalcorn net)
RE: valid problem 2005-11-10
Jose Nazario (jose monkey org)
RE: valid problem 2005-11-10
Null, Corey (Null Corey principal com)
If we had something that wasn't so public, how would we guard the
gates? How do you tell the good guys from the bad?

Corey Null
Principal Financial Group
Desk (515) 235-9045
Cell (515) 771-3855
Fax (866) 736-4764

-----Original Message-----
From: Lance James [mailto:lancej (at) securescience (dot) net [email concealed]]
Sen

[ more ]  [ reply ]
(Page 6 of 8)  < Prev  1 2 3 4 5 6 7 8  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus