http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
Regards,
T
On Thu, Apr 5, 2012 at 10:30 AM, RandallM wrote:
> can someone tell me what effects there are to being infected with
> flashback? signs? google search just brings up the same news
> stories.
>
> also, if one
On Thu, Apr 5, 2012 at 10:30 AM, RandallM wrote:
> can someone tell me what effects there are to being infected with
> flashback? signs? google search just brings up the same news
> stories.
>
> also, if one is.. it seems there are some files that cannot be
> recovered so new install necessar
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
On Thu, Apr 5, 2012 at 9:30 AM, RandallM wrote:
> can someone tell me what effects there are to being infected with
> flashback? signs? google search just brings up the same news
> stories.
>
> also, if one is.. it seem
can someone tell me what effects there are to being infected with
flashback? signs? google search just brings up the same news
stories.
also, if one is.. it seems there are some files that cannot be
recovered so new install necessary?
--
been great, thanks
RandyM
a.k.a System
_
--On Monday, November 05, 2007 14:54:52 -0400 Dude VanWinkle
<[EMAIL PROTECTED]> wrote:
> On 11/2/07, reepex <[EMAIL PROTECTED]> wrote:
>> I guess you never heard of full disk encryption, finger print readers, or
>> caged machines.
>
> Well, caged machines fall outside of the "don't have physical
On 11/2/07, reepex <[EMAIL PROTECTED]> wrote:
> I guess you never heard of full disk encryption, finger print readers, or
> caged machines.
Well, caged machines fall outside of the "don't have physical security" issue.
Finger Print readers don't have anything to do with Physical Security,
unless th
> On Thu, Nov 01, 2007 at 03:36:00PM -1000, Peter Besenbruch wrote:
> > Firefox throws up a download dialog, asking what I should do
> > with "prettyyoungthing.rpm," while a Javascript pop-up explains that to
> > see these great images, I need to save the file, and type "rpm -i
> > prettyyoungthing
> you'll be *prompted* for
> the root password, not asked to run it as root. Big
> difference, and one that many users do not appreciate at all.
Good point. A lot has been made of the number of steps involved, but if you
accept the manifest impossibility that -any- Mac user would ever fall for
Apologies for the cut off posting (antair did it), but I have a few ideas that
I've yet to see mentioned anywhere. Maybe they exist already under a different
name, but here's my two cents in how to fix this mess.
My approach is through the implementation of multiple mechanisms in the os.
1) an
I beg to differ, a claymore is a bit large... it would have to be
something a bit smaller, especially if it's a laptop.
reepex wrote:
> I guess you never heard of full disk encryption, finger print readers,
> or caged machines.
>
>
> On Nov 2, 2007 3:51 PM, Dude VanWinkle <[EMAIL PROTECTED]
>
I guess you never heard of full disk encryption, finger print readers, or
caged machines.
On Nov 2, 2007 3:51 PM, Dude VanWinkle <[EMAIL PROTECTED]> wrote:
> On 11/2/07, J. Oquendo <[EMAIL PROTECTED]> wrote:
> > Dude VanWinkle wrote:
> >
> > > A program installed under false pretenses that will
On 11/2/07, J. Oquendo <[EMAIL PROTECTED]> wrote:
> Dude VanWinkle wrote:
>
> > A program installed under false pretenses that will give the
> > author/distributer remote access to the victim machines.
>
> Right... Guess those local are not a threat.
?? Local to the machine??
all prevention metho
Dude VanWinkle wrote:
> A program installed under false pretenses that will give the
> author/distributer remote access to the victim machines.
Right... Guess those local are not a threat.
> -JP
Vranisaprick is that you
--
J. Oquendo
SGFA
On 11/2/07, Nick FitzGerald <[EMAIL PROTECTED]> wrote:
> (there are no
> absolutely hard and fast definitions of "Trojan" in this context,
A program installed under false pretenses that will give the
author/distributer remote access to the victim machines.
Bam!
:-)
-JP
> Actually, on that same note, I recently did an analysis of
> the last three years of published Windows vulnerabilities.
Thanks, Roger. That's a really useful, apposite and timely item.
--
David Harley
AVIEN Interim Administrator: http://www.avien.org
http://www.smallblue-greenworld.co.uk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 02 Nov 2007 00:09:33 -0400 RMueller <[EMAIL PROTECTED]>
wrote:
>of there OS. Move a folder and "all" programs are gone! Regardless
"their"
>Or, can we educate?
trying.
>thanks
np.
-BEGIN PGP SIGNATURE-
Note: This signature can b
On 11/1/07, nnp <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I'm not sure if you accidentally quoted my reply or not there, because
> if you did you're completely missing my point. My issue is with the
> format and content (or lack thereof) of the first post, I d
NOTE: Resending this was blocked last time.
Profit-driven malware has gotten very good at using Social Engineering
(backed up with Exploits) to spread itself. Zlob and its Codecs are one
particular example that has worked very well on Windows, even by
simply getting the user to install the software
Profit-driven malware has gotten very good at using Social Engineering
(backed up with Exploits) to spread itself. Zlob and its Codecs are one
particular example that has worked very well on Windows, even by simply
getting the user to install the software willingly. The
Storm/Zhelatin/Russian Busine
I included any exploit that took any end-user's interaction into the 86%
number. I included the list of exploits and what I considered a
client-side attack (versus truly remote) in the article:
http://weblog.infoworld.com/securityadviser/archives/WindowsExploitAnalysis.xls
It's not perfect, and
Adam St. Onge wrote:
> So if i put a picture of a naked girl on a website and said to see more you
> must open a terminal and enter "rm -rf".
> Would we consider this a trojan...or just stupidity?
That would be "just stupidity", to use your terminology.
"Trojan functionality" is a feature of the
I read a lot of babel on this subject. The point is simple...they are users as
much as PC folks. Friends, I serve both, and there is not much difference. 15
years doing the same damn job and they still can't add a printer regardless
of there OS. Move a folder and "all" programs are gone! Regardless
On Thu, 1 Nov 2007, Paul Schmehl <[EMAIL PROTECTED]> wrote:
> --On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <[EMAIL PROTECTED]>
> wrote:
>>
>> On Thu, 1 Nov 2007, Paul Schmehl <[EMAIL PROTECTED]> wrote:
>>
>>> --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
>>> <[EMAIL PROTECT
--On November 1, 2007 4:53:12 PM -1000 Peter Besenbruch <[EMAIL PROTECTED]>
wrote:
There is no need to do that. In both Macs and Gnome or KDE on Unix, if
you try to run rpm -i (of whatever the install paradigm is on your
flavor of OS), you'll be *prompted* for the root password, not asked to
ru
> --On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <[EMAIL PROTECTED]>
> wrote:
>>
>> On Thu, 1 Nov 2007, Paul Schmehl <[EMAIL PROTECTED]> wrote:
>>
>>> --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
>>> <[EMAIL PROTECTED]> wrote:
>>>
So if i put a picture of a naked girl on a we
--On November 1, 2007 10:14:50 PM -0400 Jay Sulzberger <[EMAIL PROTECTED]>
wrote:
On Thu, 1 Nov 2007, Paul Schmehl <[EMAIL PROTECTED]> wrote:
--On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
<[EMAIL PROTECTED]> wrote:
So if i put a picture of a naked girl on a website and said to see m
On Thursday 01 November 2007 16:13:10 Paul Schmehl wrote:
> --On November 1, 2007 3:36:00 PM -1000 Peter Besenbruch <[EMAIL PROTECTED]>
>
> wrote:
> > Firefox throws up a download dialog, asking what I should do
> > with "prettyyoungthing.rpm," while a Javascript pop-up explains that to
> > see th
On Thu, 1 Nov 2007, Thor (Hammer of God) <[EMAIL PROTECTED]> wrote:
> That's an interesting figure (86% that is). Can you give us some
> insight into what you define as "user interaction"?
>
> If it is clicking a link or reading an HTML email, then OK. If it is
> opening an .exe from an email,
That's an interesting figure (86% that is). Can you give us some
insight into what you define as "user interaction"?
If it is clicking a link or reading an HTML email, then OK. If it is
opening an .exe from an email, I'd like to see what client you are
talking about and what environment (meaning
On Thu, 1 Nov 2007, Paul Schmehl <[EMAIL PROTECTED]> wrote:
> --On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
> <[EMAIL PROTECTED]> wrote:
>
>> So if i put a picture of a naked girl on a website and said to see more
>> you must open a terminal and enter "rm -rf".
>>
>>
>> Would we cons
--On November 1, 2007 3:36:00 PM -1000 Peter Besenbruch <[EMAIL PROTECTED]>
wrote:
Firefox throws up a download dialog, asking what I should do
with "prettyyoungthing.rpm," while a Javascript pop-up explains that to
see these great images, I need to save the file, and type "rpm -i
prettyyoungth
On Thu, 1 Nov 2007, Adam St. Onge <[EMAIL PROTECTED]> wrote:
> So if i put a picture of a naked girl on a website and said to see more you
> must open a terminal and enter "rm -rf".
> Would we consider this a trojan...or just stupidity?
Yes, a Trojan. Yes, stupidity on the part of the designer
--On November 1, 2007 6:31:39 PM -0400 "Adam St. Onge"
<[EMAIL PROTECTED]> wrote:
So if i put a picture of a naked girl on a website and said to see more
you must open a terminal and enter "rm -rf".
Would we consider this a trojan...or just stupidity?
I would consider it stupidity to think
On Thursday 01 November 2007 11:49:09 Alex Eckelberry wrote:
> The future of malware is going to be largely through social engineering.
> Does that mean we ignore every threat that comes out because it requires
> user interaction? Seems like whistling past the graveyard to me.
Alex, no-one is sa
On Thu, 1 Nov 2007, Jim Harrison wrote:
> While Apple-oriented threats may not get either the validation or the
> publicity (one hardly equals the other) that Windows attacks do, it's hardly
> accurate (much less fair) to make those comparisons.
> For all those comparative points, my Kaypro-4 runn
Heh-heh; he said "Steve Gibson"; heh-heh-heh
Seriously; Tim is right.
While Apple-oriented threats may not get either the validation or the publicity
(one hardly equals the other) that Windows attacks do, it's hardly accurate
(much less fair) to make those comparisons.
For all those comparative p
Actually, on that same note, I recently did an analysis of the last
three years of published Windows vulnerabilities.
86% required local end-user interaction (i.e. social engineering) to be
pulled off.
http://www.infoworld.com/article/07/10/19/42OPsecadvise-insider-threats_1.html
I didn't analyz
So if i put a picture of a naked girl on a website and said to see more you
must open a terminal and enter "rm -rf".
Would we consider this a trojan...or just stupidity?
On 11/1/07, Alex Eckelberry <[EMAIL PROTECTED]> wrote:
>
> > Let's not over-hype this-- while "Apple's day" has been coming, say
> Let's not over-hype this-- while "Apple's day" has been coming, saying
that users will be "hit hard" on something the user has to
> manually download, manually execute, and explicitly grant
administrative privileges to is *way* over the top.
The future of malware is going to be largely through
On 10/31/07, Gadi Evron <[EMAIL PROTECTED]> wrote:
>
> For whoever didn't hear, there is a Macintosh trojan in-the-wild being
> dropped, infecting mac users.
> Yes, it is being done by a regular online gang--itw--it is not yet another
> proof of concept. The same gang infects Windows machines as we
On Wednesday 31 October 2007 13:21:00 Gadi Evron wrote:
> This means one thing: Apple's day has finally come and Apple users are
> going to get hit hard. All those unpatched vulnerabilities from years past
> are going to bite them in the behind.
>
> I can sum it up in one sentence: OS X is the new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm not sure if you accidentally quoted my reply or not there, because
if you did you're completely missing my point. My issue is with the
format and content (or lack thereof) of the first post, I don't think
I mentioned the iPhone, *BSD, MS or at any
On 11/1/07, nnp <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> There's a difference between ignoring something and making a statement like
>
> 'OS X is the new Windows 98.'
OK How about "iPhone is the new Win9x"? It is running a type of OSX,
one that is configured
reepex to me:
> > Yes, today, the average level of clue among Mac users is probably a
> > shade higher than amongst Windows users,
>
> Is this a joke? The reason people switch to macs is because they cannot
> handle simple tasks. Isn't the main thing said by new mac users is 'it just
> works' me
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
There's a difference between ignoring something and making a statement like
'OS X is the new Windows 98.'
It's sensationalist and of no use, especially when posted to lists that
are supposedly populated with security experts. Everyone here is aware
of
I will take that pepsi challenge... what is at stake ;)
On Nov 1, 2007 4:50 PM, Paul Schmehl <[EMAIL PROTECTED]> wrote:
> --On Thursday, November 01, 2007 16:42:51 -0500 reepex <[EMAIL PROTECTED]>
> wrote:
>
> > On Nov 1, 2007 4:34 PM, Nick FitzGerald <[EMAIL PROTECTED]>
> wrote:
> >
> >
> > Yes
--On Thursday, November 01, 2007 16:42:51 -0500 reepex <[EMAIL PROTECTED]>
wrote:
> On Nov 1, 2007 4:34 PM, Nick FitzGerald <[EMAIL PROTECTED]> wrote:
>
>
> Yes, today, the average level of clue among Mac users is probably a
> shade higher than amongst Windows users,
>
>
>
> Is this a joke? The
On Nov 1, 2007 4:34 PM, Nick FitzGerald <[EMAIL PROTECTED]> wrote:
> Yes, today, the average level of clue among Mac users is probably a
> shade higher than amongst Windows users,
Is this a joke? The reason people switch to macs is because they cannot
handle simple tasks. Isn't the main thing s
--On Thursday, November 01, 2007 13:27:07 -0600 Steven Block
<[EMAIL PROTECTED]> wrote:
> You're an idiot.
>
> Save this as a script and run it, it will give you unlimited power:
>
> #!/bin/sh
> sudo rm -rf /
>
> Enter your password if you are prompted.
>
> Oh look, malware.
If you don't think t
Steven Block to Gadi Evron:
> You're an idiot.
>
> Save this as a script and run it, it will give you unlimited power:
>
> #!/bin/sh
> sudo rm -rf /
>
> Enter your password if you are prompted.
>
> Oh look, malware.
Were you looking in a mirror while writing that?
If you think there are not
> For whoever didn't hear, there is a Macintosh trojan in-the-wild being
> dropped, infecting mac users.
> Yes, it is being done by a regular online gang--itw--it is not yet
> another
> proof of concept. The same gang infects Windows machines as well, just
> that now they also target macs.
>
> htt
You're an idiot.
Save this as a script and run it, it will give you unlimited power:
#!/bin/sh
sudo rm -rf /
Enter your password if you are prompted.
Oh look, malware.
On Oct 31, 2007, at 5:21 PM, Gadi Evron wrote:
> For whoever didn't hear, there is a Macintosh trojan in-the-wild
> being d
For whoever didn't hear, there is a Macintosh trojan in-the-wild being
dropped, infecting mac users.
Yes, it is being done by a regular online gang--itw--it is not yet another
proof of concept. The same gang infects Windows machines as well, just
that now they also target macs.
http://sunbeltbl
It is funny that gadi does not post to this list anymore.. maybe it's because
he knows people here can actually express their opinion against his retarded
posts without being moderated?
anyway of course gadi is going to jump over stuff like this because it takes
no technical knowledge to write abou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Oh don't be so bloody sensationalist. You're worse than the
journalists because you should know better.
- -nnp
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Darwin)
Comment: http://firegpg.tuxfamily.org
iD8DBQFHKpQRbP10WPHfgnQRAtZ9AKDIydXWUjKG