funsec mailing list archives
RE: Websense: Malware of the Week: MySpace XSS QuickTime Worm
From: "Hubbard, Dan" <dhubbard () websense com>
Date: Mon, 4 Dec 2006 06:27:43 -0800
FWIW: Same event yes. Also to clarify..."empty means no video not no code" :-). Also, we have seen variants that include video and code now. -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Juha-Matti Laurio Sent: Saturday, December 02, 2006 8:20 AM To: Fergie; funsec () linuxbox org Subject: Re: [funsec] Websense: Malware of the Week: MySpace XSS QuickTime Worm Hmmm, is this the same issue than Neowin forum issue reported here: http://linuxbox.org/pipermail/funsec/2006-December/010547.html Neowin forum thread doesn't mention empty QT videos. Is this tip usefull to case reported by Websense: "...so open the quicktime .mov in notepad, look at the binary followed by "apple text writer plugin" i.e. to find JS code included. - Juha-Matti Fergie <fergdawg () netzero net> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another good one from the guys at Websense Labs. http://www.websense.com/securitylabs/alerts/alert.php?AlertID=708 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557) wj8DBQFFcP7Kq1pz9mNUZTMRAryYAKDc4THKe/KmsY2ZRuxuPnxwYFiLUQCgwuVR EYbSXWW0s9MnnMF8F1rKBNw= =ZqIJ -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Malware of the Week: MySpace XSS QuickTime Worm Fergie (Dec 01)
- <Possible follow-ups>
- Re: Websense: Malware of the Week: MySpace XSS QuickTime Worm Juha-Matti Laurio (Dec 02)
- RE: Websense: Malware of the Week: MySpace XSS QuickTime Worm Hubbard, Dan (Dec 04)
- Re: Websense: Malware of the Week: MySpace XSS QuickTime Worm Juha-Matti Laurio (Dec 02)