[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Full-Disclosure Digest, Vol 79, Issue 6
- To: "Valdis.Kletnieks@xxxxxx" <Valdis.Kletnieks@xxxxxx>, Tomm Foo <bl4kjeebus121@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 79, Issue 6
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Date: Sat, 3 Sep 2011 16:46:18 +0000
We both know the answer to that question: No, he doesn't, because it's not.
But that never stops people from *saying* it's out there in their *secret*
botnets that they can't tell anyone about because it's all on the QT.
I doubt it's even in lab environments sense the entire class of "vulnerability"
is basically worthless, and working up valid PoCs is a waste of time. I
totally agree with the points you made in your earlier reply, btw - just didn't
have a chance to reply.
I also agree with your comment regarding this type of thing being "the future
of infosec as well." I don't even know what to call it anymore... we've always
had a high amount of FUD in the industry, but it's not at the point that
"InfoSec" is actually the opposite of what it means: "Misinformation
Insecurity" now, at a basic level. It's commercial grandstanding. All these
guys have to do is post inane technical tidbits and wrap them in unquantifiable
hyperbole, and some blog troll picks it up and posts it on ThreadPost or
Computerworld. Before you know it, they get accepted to speak at some
conference where they further artificially inflate risk by claiming wide-spread
existence of unauthenticated Internet-based shares and how "most" companies do
A, B, or C when they really have no idea what companies do.
I'll add to your prediction, and I'll even shorten the timeframe more. From a
social engineering standpoint, the focus will be delivering content through
"trusted" channels in social networks where referred parties deliver 3rd party
content in the way of video, links, ads, and of course, software downloads.
Aggregating social plug-ins will not only deliver this content, but they, in
themselves, will provide reporting and redirection capabilities. The thing is,
these plug-ins will actually "work," in that they will perform the advertised
function, but will also have additional "features" exposing attack vectors.
I think the cognitive psyches are already at work designing the UIs and
triggers.
t
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of
Valdis.Kletnieks@xxxxxx
Sent: Saturday, September 03, 2011 8:45 AM
To: Tomm Foo
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 79, Issue 6
On Sat, 03 Sep 2011 04:16:00 PDT, Tomm Foo said:
> what the..? gl0w0rm you dont know shiit bout nothin. keep hollerin at
> yo boys at HF, cause them cats is legit leet, bra.
> > From: GloW - XD <doomxd@xxxxxxxxx>
> > I must agree, considering i have yet to see it used in even botnet
> > circles,
Ok Tomm, I'll bite. Do you have any actual evidence this one *is* being used in
botnet circles (or anyplace else outside a lab environment)?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/