funsec mailing list archives

Re: Fwd: US-CERT Current Activity - Malicious Email Campaign Circulating

From: Paul Ferguson <fergdawgster () gmail com>
Date: Thu, 9 Sep 2010 23:51:51 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Sep 9, 2010 at 10:47 PM, Jeffrey Walton <noloader () gmail com> wrote:

I'm not sure which is least interesting..... the fact that malware is
being vectored through email, or that a PDF is involved in an exploit.


It wasn't a PDF -- it was "disguised" to look like a PDF. It was actually a
.scr script, which launch a whole can of badness.

- - ferg


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFMidWBq1pz9mNUZTMRAms2AJ0cbTiZ+heDoXVhVlIXllhKby4VzgCeP32o
U9pRCtiEIVPbRFHkjhB9Vzs=
=SJv8
-----END PGP SIGNATURE-----

-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Fwd: US-CERT Current Activity - Malicious Email Campaign Circulating Jeffrey Walton (Sep 09)
- Re: Fwd: US-CERT Current Activity - Malicious Email Campaign Circulating Paul Ferguson (Sep 10)