funsec mailing list archives
Re: Compromised aliases anyone? Was: ISACA, a registered trademark
From: Chris Buechler <funsec () chrisbuechler com>
Date: Thu, 10 May 2007 12:59:44 -0400
Dude VanWinkle wrote:
On 5/9/07, Chris Buechler <funsec () chrisbuechler com> wrote:and the aliases are unique enough that there's no possible way I would get spam to those addresses via any means other than a compromise of their email database.actually, you could get spam because the spammers sign up to mailing lists and harvest out the addys
For lists like this, sure, as I said. There are also web-based mail archives that don't obfuscate email addresses well, if at all. But that's not the case for a company's private mailing list that they use to send marketing crud or whatever to you, unless they do something really stupid like send it to a bunch of people in the To: line and expose the list themselves. Neither of the companies I spoke of did that, so their databases had to be disclosed somehow (disgruntled employee or network compromise, I'd guess).
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ISACA, a registered trademark Kurt Grutzmacher (May 08)
- Compromised aliases anyone? Was: ISACA, a registered trademark Chris Buechler (May 09)
- Message not available
- Re: Compromised aliases anyone? Was: ISACA, a registered trademark Chris Buechler (May 10)
- Message not available
- Compromised aliases anyone? Was: ISACA, a registered trademark Chris Buechler (May 09)