[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
- To: "Mikhail A. Utin" <mutin@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
- From: Ryan Sears <rdsears@xxxxxxx>
- Date: Tue, 23 Nov 2010 13:59:14 -0500 (EST)
Alright, before this REALLY explodes, I'm going to go ahead and point out the
obvious troll behavior here. This might be my last response to this. :-P
We don't believe ourselves gods by any means, but YOU also can not call
yourself a security professional in any sense, as you have little to no
knowledge of security, and you have conducted yourself in a *very*
un-professional manner. The reason that we are so angry about this is because
you've taken our passion - the one thing we strive to do with the rest of our
lives and essentially crapped all over it. You claim to be a CISSP, but thanks
to you I now have to re-evaluate the value of such a title. If someone who
clearly doesn't know what they're doing in the world of security can get one,
then I don't believe it's a very good cert, now is it.
I have absolutely *no* idea what you mean by 'hiding in such Russian-born
domains'. I don't have too much time on my hands, but when I see someone taking
something I love and trying to slap me in the face with it, I WILL say
something, regardless of how busy I am. But then again, going back to the troll
behavior, that might be exactly what you want, eh?
You sir, like I stated before, are exactly what's wrong with the security
scene. There are so many subtle nuances in the security world, and the more I
learn, the more I realize how little I actually know. You on the other-hand
don't even realize that they're there! Security is ever-dynamic, so you need to
constantly be learning (even if you've been in the industry for some time).
Frustrating. That is the one word that comes to mind with your responses.
Within our disclosures of your idiocy, we WERE trying to help you. You're just
too smug to see that, so I think you may be the one with a god-complex sir, not
I. I KNOW that I'm not the best at *anything* by any means, but I am learning
every single day about stuff I don't know, and the cutting-edge of security
technologies. You refuse to learn though, then expect to be right about
everything.
THAT'S why I'm pissed off.
Ryan Sears
----- Original Message -----
From: "Mikhail A. Utin" <mutin@xxxxxxxxxxxxxxxxxxxx>
To: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Sent: Tuesday, November 23, 2010 9:26:49 AM GMT -05:00 US/Canada Eastern
Subject: Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
As we see, our list has a few (luckily just a few) unprofessional people
thinking of themselves as gods, and hiding in such Russian-born domains. It's
useless to engage in any discussion as they have too much time and will waste
our time as well. And it's useless to explain ethics, security basics, and our
experience as they are kiddies. Eventually they will grow ... may be.
List, thank you very much
Mikhail A. Utin, CISSP
Information Security Analyst
Commonwealth Care Alliance
30 Winter St.
Boston, MA
TEL: (617) 426-0600 x.288
FAX: (617) 249-2114
http://www.commonwealthcare.org
mutin@xxxxxxxxxxxxxxxxxxxx
-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Monday, November 22, 2010 4:52 PM
To: Mikhail A. Utin
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: RE: virus in email RTF message MS OE almost disabled
Keep it on the list. No need for private emails if you need assistance - give
everyone a chance!
My response was far more useful than your post - "I got pwned by an Office
virus by opening an attachment in OE - What could it be??" Jeeze dude. And I
didn't give any "adice" about "Noton." I said to get someone professional,
which you *clearly* need to do.
You should look up these guys:
http://www.rubos.com/pisa.html
Apparently they are Information System Security Professionals, and they are in
the same town as you. One even has a CISSP, so you KNOW that he knows what he
is doing. Funny thing is that he has the exact same name as you do. What are
the chances of that? If these guys formed the company to sell services to
businesses and individuals to comply with legal security and privacy
requirements, then they should be able to figure out how to find an Office
virus on XP, right?
You can even join them as "Security professionals and experienced Information
Sestems professionals are welcome." I'm not sure what a "Sestems professional"
is, but it must be very important work.
Waste of time indeed. Apple Stores are hiring "geniuses" for the holidays -
even they know how to use XP and could help.
t
From: Mikhail A. Utin [mailto:mutin@xxxxxxxxxxxxxxxxxxxx]
Sent: Monday, November 22, 2010 1:26 PM
To: Thor (Hammer of God)
Subject: RE: virus in email RTF message MS OE almost disabled
Your email is useless. It is on my home PC. If you have better adice than using
Noton SW, then please use your mind to get something minigful.
If you can name the virus or where to find its instance, it would be a help.
Otherwise do not waste you and my time.
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Monday, November 22, 2010 3:17 PM
To: Mikhail A. Utin; full-disclosure@xxxxxxxxxxxxxxxxx
Subject: RE: virus in email RTF message MS OE almost disabled
You know, every time I start to get a bit of hope for what looks like an upward
trend of businesses and organizations taking security seriously, I see crap
like this. Your organization is a Medicare prescription contractor with a
national network of 61,022 contracted pharmacies, and not only are you running
unpatched versions of old OS's and opening email attachments because they "look
OK," but you have to post to Full Disclosure asking help for trivial virus
detection and removal advice? Now that everyone on FD knows that you are
vulnerable and that you open email attachments, you've probably just caused the
organization to be pwned 9 ways from Sunday.
To answer your question, call a professional and have them do it. And in the
future, don't send out emails like this from your organization email announcing
the state of your security. That's what Hotmail is for.
t
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Mikhail A. Utin
Sent: Monday, November 22, 2010 7:18 AM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] virus in email RTF message MS OE almost disabled
Hello,
Opening looking OK email message in my MS OE I've very likely got new kind of
virus, which exploits MS Office flaw recently announced. Immediately after, my
OE started consuming huge memory when I switched between folders or messages.
I've not seen any process in Task Manager taking up to 1 GB memory (physical is
512M). I did not find any newly installed executables either. When I shut down
OE, the computer works fine.
Any thoughts?
Thank you
Mikhail
CONFIDENTIALITY NOTICE: This email communication and any attachments may
contain confidential
and privileged information for the use of the designated recipients named
above. If you are
not the intended recipient, you are hereby notified that you have received this
communication
in error and that any review, disclosure, dissemination, distribution or
copying of it or its
contents is prohibited. If you have received this communication in error,
please reply to the
sender immediately or by telephone at (617) 426-0600 and destroy all copies of
this communication
and any attachments. For further information regarding Commonwealth Care
Alliance's privacy policy,
please visit our Internet web site at http://www.commonwealthcare.org.
CONFIDENTIALITY NOTICE: This email communication and any attachments may
contain confidential
and privileged information for the use of the designated recipients named
above. If you are
not the intended recipient, you are hereby notified that you have received this
communication
in error and that any review, disclosure, dissemination, distribution or
copying of it or its
contents is prohibited. If you have received this communication in error,
please reply to the
sender immediately or by telephone at (617) 426-0600 and destroy all copies of
this communication
and any attachments. For further information regarding Commonwealth Care
Alliance's privacy policy,
please visit our Internet web site at http://www.commonwealthcare.org.
CONFIDENTIALITY NOTICE: This email communication and any attachments may
contain confidential
and privileged information for the use of the designated recipients named
above. If you are
not the intended recipient, you are hereby notified that you have received this
communication
in error and that any review, disclosure, dissemination, distribution or
copying of it or its
contents is prohibited. If you have received this communication in error,
please reply to the
sender immediately or by telephone at (617) 426-0600 and destroy all copies of
this communication
and any attachments. For further information regarding Commonwealth Care
Alliance's privacy policy,
please visit our Internet web site at http://www.commonwealthcare.org.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/