|
 |
divendres, 20 / maig / 2005 |
[Via Bruce Schenier] el Honeynet Project ha publicat un interessant treball, Know your Enemy: Phishing on s'explica el funcionament intern dels atacs phishing analitzant les eines i tècniques utilitzades i facilitant tres exemples d'atacs reals
After a brief introduction and background, we will review the actual techniques and tools used by phishers, providing three examples of empirical research where real-world phishing attacks were captured using honeynets. These incidents will be described in detail and include system intrusion, phishing web site preparation, message propagation and data collection. Common techniques and trends are then analysed, including the growing integration of phishing, spamming, and botnets. Examples of the malware used by phishers to automate harvesting of email addresses and sending of spam email are reviewed, and we also present our observations on network scanning techniques and how compromised machines are used to spread phishing emails and other spam. Finally, we conclude this paper with an overview of the lessons learned in the last six months and suggest further research topics.
Ja tinc lectura interessant pel cap de setmana :)
|
13:08 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
[InformationWeek] Bogus Microsoft Security Update Circulates. Un missatge informa de l'existència d'una actualització de l'Internet Explorer, l'Outlook Express i l'Outlook... els usuaris que fan clic a l'enllaç reben, a canvi, un virus i un troià.
This is the latest version of security update, the 'May 2005, Cumulative Patch' update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express," the official-looking e-mail reads.
Astute recipients will know that Microsoft did release a patch in May, but only for a bug in Windows 2000, not IE or Redmond's e-mail clients.
Users who click on the Download Update link embedded in the e-mail will be infected with the Pinfi virus, and an as-yet-undetermined Trojan horse.
|
12:53 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
© Copyright 2003-2005 Xavier Caballe.  . Si no s'indica expressament el contrari, el material publicat en aquest weblog es distribueix d'acord amb la llicència Creative Commons. El contingut és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.
|
 |
 |
 |
 |
Contingut actualitzat
Categories
Darrers comentaris
Arxiu
Contingut antic
(ja no s'actualitza)
Versions anteriors
d'aquesta pàgina
|
 |
 |
 |
 |
|
