Full Disclosure mailing list archives
Fwd: threat to corporate security
From: n3td3v <n3td3v () gmail com>
Date: Mon, 9 Apr 2007 17:18:33 +0100
---------- Forwarded message ---------- From: n3td3v <n3td3v () gmail com> Date: Apr 9, 2007 4:44 AM Subject: threat to corporate security To: Yahoo Security Contact <security () yahoo-inc com>, paranoids () yahoo-inc com the conspiracy is a lot of spam actually belongs to hackers. hackers are increasingly using fake penis enlargement e-mail to probe the out of office auto responders of large corporations. its amazing how much information is left on auto responders, espeically at popular vaction times like easter and xmas. individual employees un firmilar with security issues are increasingly throwing inetrnal operational information for co-workers to pick up, n3td3v said. the problem is its more than co-workers who are picking up this information and using it for hacking large corporations like yahoo. you can't rely on your employees anymore, corporations have got to start probing inboxes, because the bad guys are, n3td3v said. corporations have got to get tough on thsi n3td3v said. you got to harden your defenses on this front and strenghen your security policya t the same time to reassure security teams that employees are still aware of the threat of internet facing corporate mail boxes spewing out all kinds of information which is ultimately damaging for the company and its long term ecnomic interests. large corporations don't want to get hacked by simple yet effective attack vectors like this, n3td3v said, corporate security teams have really got to take this seriously and do something about it. just when you thought all that spam thats being sent aroudn the internet clogging up mail servers only have a commercial purpose, no, hackers are starting to to hitch a free ride on spam trends and are increasingly dressing up mail box probes as popular spam to effectively ping the inboxes of large multinationals to harvest out of office responder data, n3td3v finished saying in a statement sent early monday. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fwd: threat to corporate security n3td3v (Apr 09)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 10)
- Re: [++++SPAM++++] Fwd: threat to corporate security n3td3v (Apr 10)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 11)
- Re: [++++SPAM++++] Fwd: threat to corporate security afed (Apr 11)
- Re: [++++SPAM++++] Fwd: threat to corporate security n3td3v (Apr 10)
- <Possible follow-ups>
- Re: Fwd: threat to corporate security n3td3v (Apr 09)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 10)