Full Disclosure mailing list archives
Re: Setting the record straight on "The Return ofKoobface"
From: "Mr. Hinky Dink" <dink () mrhinkydink com>
Date: Sat, 20 Mar 2010 16:14:18 -0400
Absolutely you are correct, but if you check the blog there are further references up to last Friday. It was a tremendous, jaw-dropping flood of Kooberz proxies the last two weeks. And it's still coming. The point is us Little Guys are paying attention, too. And sometimes we catch this shit before the Big Boys like Dancho and Kaspersky wake up and smell the coffee. Since February I've been wondering Why The Hell I hadn't heard anything in the ITsec press on this new resurgence. Did they hold back so Dancho could publish his "Ten Things You Didn't Know About The Koobface Gang" article? Or so Microsoft could gloat over "taking down" the Wimpy Waledac botnet? Is the Good News always published before the Bad News in the security industry press release cycle? The fact remains, Koobface marches on and the security industry can't stop it. Period. I will be among the first to jump up and down and yell "RA!" when someone takes it down, but it ain't going to happen soon. All I can do is sit back and watch while the Big Boys get their headlines. BTW, I don't consider myself "bitter". I'm what you might call "tangy". Thanks for your support, Hinky ----- Original Message ----- From: J Roger To: full-disclosure () lists grok org uk Sent: Saturday, March 20, 2010 3:28 PM Subject: Re: [Full-disclosure] Setting the record straight on "The Return ofKoobface" This reads as "waaa i noticed this first and didn't think much of it but now that someone else is making a big deal, i want my credit". Maybe you reported on it first on your blog, with a single sentence that wasn't even the primary focus of the post. Regardless if an up rise in koobface is significantly news worthy or not, you apparently failed to draw enough attention (or the right attention) to it at the time. In other words, maybe you did it first, but someone else did it better. What's more valuable to an enterprise, someone that quickly writes a risk assessment that's so sloppy the management with authority to act on the findings don't even bother to read it, or someone that takes the time to write a report on the same findings that actually speaks to the business and be able to make positive changes happen. You talk about being bitter towards the security industry (which IS understandable) but maybe it's time to reflect back a little on yourself. Maybe it's not ALL the industries fault. Maybe the sources of your bitterness have a little something to do with your inability to make enough of the right things happen. Sure you're a "Big Time Security Professional", but maybe your blog wasn't enough to get the word out. Maybe you felt it wasn't even worth getting the word out or sounding any alarms. If that's the case though, don't go back now and try to take credit. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Setting the record straight on "The Return of Koobface" Mr. Hinky Dink (Mar 20)
- Re: Setting the record straight on "The Return of Koobface" J Roger (Mar 20)
- Re: Setting the record straight on "The Return ofKoobface" Mr. Hinky Dink (Mar 20)
- Re: Setting the record straight on "The Return ofKoobface" J Roger (Mar 21)
- Re: Setting the record straight on "The Return ofKoobface" Mr. Hinky Dink (Mar 20)
- Re: Setting the record straight on "The Return of Koobface" J Roger (Mar 20)