[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Who should i contact?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Who should i contact?
From: Joe Stewart <jstewart@xxxxxxxxx>
Date: Wed, 5 Jul 2006 08:48:34 -0400

On Wednesday 05 July 2006 04:09, screwedbytaxes@xxxxxxxxxxxx wrote:
> I've already asked the tax filing company for more information
> about any breaches they may have suffered and what other
> information may have been exposed. They asked for the source
> emails, which I provided, and I have not heard back. This was over
> a week ago.
>
> What should I do? What would you do?

Several Bagle variants have a function to collect email addresses from 
files on the infected system and upload them to the author for later 
spamming. This could be one potential vector for such a breach. 

However, before you go busting the filing company, are you sure that 
none of your own systems (which may have contained these addresses in 
an address book or a browser cache) were infected by Bagle at some 
point?

-Joe

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Who should i contact?
  - From: screwedbytaxes

Prev by Date: Re: [Full-disclosure] Who should i contact?
Next by Date: Re: [Full-disclosure] Who should i contact?
Previous by thread: Re: [Full-disclosure] Who should i contact?
Next by thread: Re: [Full-disclosure] Who should i contact?
Index(es):
- Date
- Thread