Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Trendmicro et.al.

From: Joanna Rutkowska <joanna () invisiblethings org>
Date: Mon, 17 Mar 2008 20:22:21 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ok, so that just inspired me to ask Dear Dailydavers how many of you
use, for a *daily* browsing, a web browser running inside:
1) a VM? (What VM product? Some VMWare appliances?)
2) a dedicated account for unsafe browsing (because OS-provided ACLs are
just good enough)?
3) the same account but with some form of manually-adjusted sandboxing
(protected mode IE doesn't count, right? :P), like e.g. OSX syscall
sandboxing ('cause it's like driving a car with a stick)?
4) An air gapped machine ;)

j.



Isaac Dawson wrote:
| Not sure if it has made the news over in the states/rest of the world
| but here in Japan its quite huge. Apparently on 3/12 trendmicro's
| site got hit by some sort of SQL injection scanner/tool that then
| injects some script URL to own the visitors. Seeing as how this was
| on their virus definition section I found it a rather interesting
| attack ;>. (Just found out that the register appears to have reported
| on it, take a look:
|
http://www.dslreports.com/forum/r20161397-Trend-Micro-Hacked-Serving-Malicious-Iframes
|  ).
|
| I find the selection of the javascript's name rather interesting as
| well. Makes me wonder if they're against the whaling that's going on
| here...
|
| -isaac
|
|
|
| ------------------------------------------------------------------------
|
|
| _______________________________________________ Dailydave mailing
| list Dailydave () lists immunitysec com
| http://lists.immunitysec.com/mailman/listinfo/dailydave

-----BEGIN PGP SIGNATURE-----

iQEVAwUBR97E6cwG7MOLAMOlAQIYYgf+Iec8xe7gtqCcloDpJtzJTV6ukA6ofLwa
Mmisp3ok4QzpXiJfIXTVDlWWUhsY47Ncr5QCvdJFYcyx8cTyO6iUHlpnNUdOmHgz
RLfHa+Lv3YIC13MGmYFj8Zcx+7o5Xc96X/EFaETMk5OFW7c5vcJWIxjbZmabtPjn
rMmDWgmvZux9YcLnF9THpBPmcsv6v7wFmWdI88EplkRAAS+LSeWG0pdgLbniapyJ
BqrCCWducR45fNBd+z1oi0GbkD5wuCqMn4y5cPGhg9FwbICYytOH+SXE17/dPy3e
dc1hln7EkoAKAxS0T/sXOmmO4W45A9X3nbSdCWZc+mLrb+3paQW3dQ==
=o4eE
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: