n3td3v wrote:
I believe the industry coined up "phishing" to make more money out of
social engineering. Its obvious now that both are over lapping. Only
the other day Gadi Evron was trying to coin up a phrase for "voice
phishing". Why can't we cut to the chase and drop the (ph)rases and
call it s
Hello List.
I've discovered the cryptogram that the famous site "Teagames" use for encripting the score and username for the topscores.. I've show the teagames STAFF several times that I can do this, but they seem that they dont care, so know, by publising this information I want to force them to
Hello, Arsen Kirillov!
On 11.05.2006 12:10 you wrote:
> Looking for something like Free AV software for Win32 OS's. If u r
> using something good - pls let me know!
I use this combination (both are an opensource):
ClamWin 0.88.2.3 http://www.clamwin.com
and
WinPooch 0.5.10 http://winpooch.free.fr
I use free AVG by Grisoft. I have heard others are better but it has been
protecting my old computer for a couple of years with no problems. You get
daily updates too and it is much better than Norton which I had before.
Nancy Kramer
At 10:28 AM 6/28/2006, Julien GROSJEAN - Proxiad wrote:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-
PatchLink Update Server 6 SQL Injection
-
Severity: Critical
Date: June 28, 2006
Class: Remote
Status: Patch Available
Discovered by: Chris Steipp, Novacoast (csteipp at novaco
Because it is not only social engineering. There are two parts of the
attack 1) social engineering aspect and 2) technical subterfuge. A
trojan that changes your local host file is not social engineering. This
trojan can be downloaded via a hole in your ie browser with no much
effort from an attack
That doesn't look like an official GriSoft site. In fact the domain
it redirects to is not owned by GriSoft (nor is there a link the
official site). See the following whois lookup at www.nic.uk:
http://195.66.240.211/cgi-bin/whois.cgi?query=grisoft.co.uk&WHOIS+Submit.x=21&WHOIS+Submit.y=11
It'
HKTL_FREESSHD.A has been detected,and Quarantine entire message has been taken
on 6/28/2006 11:29:58 PM.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secu
JS_YAMANNER.D has been detected,and Replace has been taken on 6/28/2006
11:25:54 PM.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
You couldn't be more wrong if you called it a Canadian Goose!
-KF
#!/usr/bin/perl
# http://www.digitalmunition.com/FailureToLaunch.pl
# Code by Kevin Finisterre kf_lists[at]digitalmunition[dot]com
#
# This is a practical application of Non Executable Stack Lovin -
http://www.digitalmunition.com
> What makes you think Grisoft registered that domain?
Just visit http://www.clamav.co.uk/ , then you'll see redirection.
moto kawasaki <[EMAIL PROTECTED]>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-chart
Searching for Rob's SSN on PACER yields interesting results. I will
give Mr. Levin a couple days to explain to his users what landed him
with Federal charges in 1992 before I do:Northern District of Texas (Dallas)
CRIMINAL DOCKET FOR CASE #: 3:92-cr-00369-1Case title: USA v. LevinDate Filed: 08/28/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDKSA-2006:115
http://www.mandriva.com/security/
___
On 6/28/06, Cardoso <[EMAIL PROTECTED]> wrote:
Don't waste your time.
The scammer sends the same crap to a brazilion mails, counting that a
percentage will have Orkut accounts.
Since when has the nationality for people from Brazil become a number? ;)
Paul
___
On Wed, 2006-06-28 at 18:26 +0100, n3td3v wrote:
> I believe the industry coined up "phishing" to make more money out of
> social engineering.
So far as I can tell, the term "phishing" was not coined by industry,
but by the "phishers" themselves. I remember "phishing" as being the
term for peopl
On 6/29/06, n3td3v <[EMAIL PROTECTED]> wrote:
I believe the industry coined up "phishing" to make more money out of
social engineering. Its obvious now that both are over lapping. Only
the other day Gadi Evron was trying to coin up a phrase for "voice
phishing". Why can't we cut to the chase and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Apple Open Directory Pre-Authentication Denial of Service [MU-200606-02]
June 27, 2006
http://labs.musecurity.com/advisories.html
Affected Product/Versions:
OSX 10.4.4 through 10.4.6
Product Overview:
http://www.apple.com/server/macosx/features/op
I believe the industry coined up "phishing" to make more money out of
social engineering. Its obvious now that both are over lapping. Only
the other day Gadi Evron was trying to coin up a phrase for "voice
phishing". Why can't we cut to the chase and drop the (ph)rases and
call it straight forward
Hi All,
At the request Microsoft I have not published the additional
information. I did not think, that the ZARAZA will publish simple POC
without my consent but to that to be, that to not pass. Denis you can
check up you system simple POC code from a site of the ZARAZA, only if
configuration syste
Did I miss the WagEd Press release that states this exact claim? Software vulnerabilities will not stop. What each rev of code gives us is more layers so that we have mitigation options. In the case of Vista, it will give the api to allow apps to gracefully restart right and more support for hot
AFFECTED: FLAVIA BEVERAGE SYSTEM (ALL VERSIONS)NOTES: SO FAR THIS EXPLOIT HAS ONLY BEEN TESTED WITH THE "CHOCO" FLAVOR OF BEVERAGE PACKET.SPECIAL THANKS TO: V.S. KESHURAVAIA GADHIRECHELA IN THE CUBICLE NEXT TO ME.GREETZ: #COFFEEMACHINES, #31337DONGS, #HOMOSEXUAL_HACKERSABSTRACT: THE FLAVIA VEND
AFFECTED: FLAVIA BEVERAGE SYSTEM (ALL VERSIONS)NOTES: SO FAR THIS EXPLOIT HAS ONLY BEEN TESTED WITH THE "CHOCO" FLAVOR OF BEVERAGE PACKET.SPECIAL THANKS TO: V.S. KESHURAVAIA GADHIRECHELA IN THE CUBICLE NEXT TO ME.GREETZ: #COFFEEMACHINES, #31337DONGS, #HOMOSEXUAL_HACKERSABSTRACT: THE FLAVIA VEND
AFFECTED: FLAVIA BEVERAGE SYSTEM (ALL VERSIONS)NOTES: SO FAR THIS EXPLOIT HAS ONLY BEEN TESTED WITH THE "CHOCO" FLAVOR OF BEVERAGE PACKET.SPECIAL THANKS TO: V.S. KESHURAVAIA GADHIRECHELA IN THE CUBICLE NEXT TO ME.GREETZ: #COFFEEMACHINES, #31337DONGS, #HOMOSEXUAL_HACKERSABSTRACT: THE FLAVIA VEND
Don't waste your time.
The scammer sends the same crap to a brazilion mails, counting that a
percentage will have Orkut accounts.
I reverse-hacked one of those low-lifes once, and there were a few
files, each with +400.000 emails. A Perl script running, reading and
sending mail after mail, that'
==
Secunia Research 28/06/2006
- Opera SSL Certificate "Stealing" Weakness -
==
Table of Contents
Affected Software...
==
Secunia Research 14/06/2006
- DeluxeBB SQL Injection and File Inclusion Vulnerabilities -
==
Table of Contents
Affected Software...
On 6/28/06, nocfed <[EMAIL PROTECTED]> wrote:
In what way is this an "Orkut exploit" as the subject of the mail
describes? This is more of an "Idiot exploit"...
yeah, i agree is an idiot exploit, English is not my first language
and that was the best subject i could come up with.
but don'
On 6/28/06, Ademar Gonzalez <[EMAIL PROTECTED]> wrote:
Don't know if you guys have seen this. Just got it in my gmail
account, it tries to execute the file scrapbook.exe from :
http://www.yourfreespace.net/users/orkut2/scrapbook/scrapbook.exe
Karpesky says is Trojan-Spy.Win32.Banker.anv
attach
Are you looking for - http://www.windowmaker.info/
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of e g
Sent: Thursday, June 29, 2006
12:32 AM
To: joe haldon
Cc:
full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure]
thc.org
>From their
announce-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200606-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
>From their announce-list:"Hi folks, We are currently working on a domain issue and have temporarily movedour webpresence to http://thc.segfault.net
. stay tuned,Your Local THC Advisor" On 6/28/06, joe haldon <[EMAIL PROTECTED]
> wrote:Hey thc.org is down. anyone know if those guys will come back
A small correction:
The cd-key stealing is not possible since the master server address is
built-in in the client code.
Sorry for this wrong info, I added it almost two weeks ago while taking
note of the possible ways for exploitating these bugs and forgot to
recheck this method.
I have updated
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Access Point Web-Browser Interface
Vulnerability
=
Advisory ID: cisco-sa-20062806-ap.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control
System
Advisory ID: cisco-sa-20060628-wcs
http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml
Revision 1.0
For Public Release 2006 June 28 1600 UTC (GMT
Don't know if you guys have seen this. Just got it in my gmail
account, it tries to execute the file scrapbook.exe from :
http://www.yourfreespace.net/users/orkut2/scrapbook/scrapbook.exe
Karpesky says is Trojan-Spy.Win32.Banker.anv
attached is the original emai.
ciao ciao
ademar
On Tue, 27 Jun 2006 03:01:24 CDT, Al Mac said:
(trimming RISKS from the cc: list so Peter doesn't have to see what he
already knows...)
> http://www.itjungle.com/fhs/fhs062706-story07.html
The comp.risks digest will almost never post a bare URL without
some explanatory writing attached to it. A
On Tue, 27 Jun 2006 16:47:59 CDT, Saeed Abu Nimeh said:
> Is there a way to do dns poisoning and make the poisoned server provide
> legitimate queries when doing dns lookup. Example: Assume I am running a
> poisoned dns server, when user X does lookup yahoo.com or dig yahoo.com
> I reply with legit
Nigel Horne <[EMAIL PROTECTED]> wrote on 06/28/2006 10:50:27 AM:
> Dereck Martin wrote:
> > I have used AVG from Grisoft before.
>
> I used to think AVG were good guys until the domain
> park site www.clamav.co.uk appeared.
What makes you think Grisoft registered that domain?
Domain name:
Hey thc.org is down. anyone know if those guys will come back?
also, off-topic but what ever happened to windowmaker.org :(
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by
Interesting.. didn't know that.
Dereck Martin
Desktop Support
www.mixxer.com
_/
_/_/_/ _/_/_/_/ _/_/_/_/_/ _/_/
_/_/_/ _/_/_/ _/_/_/_/_/_/ _/_/
_/_/_/ _/ _/_/ _/_/ _/_/
_/_/_/ _/ _/
Dereck Martin wrote:
I have used AVG from Grisoft before.
I used to think AVG were good guys until the domain
park site www.clamav.co.uk appeared.
Dereck Martin
Desktop Support
Office: 317-472-9771
Cell: 812-374-2727
-Nigel
begin:vcard
fn:Nigel Horne
n:Horne;Nigel
org:NJH Music
email;intern
I have used AVG from Grisoft before.
http://free.grisoft.com/doc/1
Dereck Martin
Desktop Support
Office: 317-472-9771
Cell: 812-374-2727
www.mixxer.com
_/
_/_/_/ _/_/_/_/ _/_/_/_/_/ _/_/
_/_/_/ _/_/_/ _/_/_/_/_/_/ _/_/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
the CPU was an Intel Pentium 4 640 with XD/NX bit and EM64T support. The
operating systems were 32-bit based.
Sincerely yours,
Manuel Santamarina Suarez
naveed wrote:
> do you have checked the code on 64-bit processors with hardware based
I vouch for AVAST.
It's a little hysterical when it founds some suspicious but works fine
and I hardly notice it's running. Norton uses far more CPU.
On Wed, 28 Jun 2006 16:31:44 +0200
Julien GROSJEAN - Proxiad <[EMAIL PROTECTED]> wrote:
JG-P> Sorry, the link :
JG-P>
JG-P> http://www.avast.com
Sorry, the link :
http://www.avast.com/eng/download-avast-home.html
Not only AV :
Antivirus kernel
Automatic updates
Simple User Interface
Virus Chest
Resident protection
System integration
P2P and IM Shields
Integrated Virus Cleaner
Network Shield
Support for 64-bit Win
Hi Arsen, hi all
there is Clamwin like Randall M sais, also AVAST for personnal use is
free...
Cheers.
ArsenKirillov a écrit :
Hi!
Looking for something like Free AV software for Win32 OS's. If u r using
something
good - pls let me know!
Arsen Kirillov
do you have checked the code on 64-bit processors with hardware based
NX protection , since in that case it is more difficult to perform it
:) , anyway rest is good for bypassing the software protection.
On 6/28/06, FistFuXXer <[EMAIL PROTECTED]> wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash:
On Thursday, June 22, 2006, I taped a presentation titled "Case Studies
in Finding Previously Unknown Vulnerabilities in Web Applications" for
the AT&T ISNN Lecture Series.
The aim of the presentation is to cover a limited set of web application
vulnerability types and show the impact of these
This is a brand new presentation and its going public for the very first
time in SyScan'06.
Marek Bialowlowy is a Polish security researcher based in Southeast Asia
whose expertise is researching into mobile technologies like phone
banking, wifi and bluetooth etc. In this presentation in SySc
Gadi
Joanna Rutkowska has already found a way to subvert the Vista kernel and
injecting arbitrary code into it. Guess what? no implementation bug and
no system reboot required. she will be presenting her finding in
SyScan'06 (www.syscan.org)
Gadi Evron wrote:
Vista, the solution to all our
sure, you are right!!! but there is always a chance to screw up :) and
when somebody do that, we must have the right tools to detect it
On 6/28/06, Tonnerre Lombard <[EMAIL PROTECTED]> wrote:
Salut,
On Tue, 2006-06-27 at 12:37 +0100, pdp (architect) wrote:
> Also, it might be possible to unhide
===
Layered Defense Advisory 27 June 2006
===
1) Affected Software
Computer Associates: eTrust Antivirus 8.0
Computer Associates: eTrust
Josh L. Perrymon wrote:
To summarize the thread...
My question is:
Is it possible to sniff the data from RFID access control cards and
write the contents to a generic RFID card? Then use the copied RFID card
to gain access inside the target building?
This is more just theory at this point.
===
Ubuntu Security Notice USN-307-1 June 28, 2006
mutt vulnerability
http://secunia.com/advisories/20810
===
A security issue affects the following Ubuntu releases:
Ubunt
Just to be clear Joanna says
(http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html)
"I would like to make it clear, that the Blue Pill technology does not rely
on any bug of the underlying operating system. I have implemented a working
prototype for Vista x64, but I see no reas
Hello,
Just in case anybody is interested in the vulnerability details of the
recently discovered Cross Site Scripting flaw in Outlook Web Access, we have
now put the according advisory with these details on our web page:
http://www.sec-consult.com/270.html
Regards,
Daniel
--
_
58 matches
Mail list logo