funsec mailing list archives
Re: Spamming as a Service in Total Protection
From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 19 Jan 2012 13:32:46 -0500
On Thu, Jan 19, 2012 at 1:13 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rmslade () shaw ca> wrote:
http://www.reuters.com/article/2012/01/19/us-mcafee-idUSTRE80I0A620120119 I post this primarily as a warning to those who have this product installed. However, I do feel compelled to note that this outfit, along with another that comes in a yellow box, and one particularly trendy product, have had a) a great deal of market success, and b) a number of absolutely stunning failures over the years. (Which, I suppose, is just another example of how marketing trumps security, every time ...)
McAffe and TrendMicro were particularly vulnerable to handle manipulations [1]. We found we would accidentally shutdown the update service or the firewall while focusing attacks on the scanner. No administrator privileges required. Jeff [1] "Old Dogs And New Tricks: Do You Know Where Your Handles Are?", http://www.softwareintegrity.com/Documents/Old-Dogs-and-New-Tricks.pdf or http://packetstormsecurity.org/files/100564/Old-Dogs-and-New-Tricks.pdf _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Spamming as a Service in Total Protection Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 19)
- Re: Spamming as a Service in Total Protection Jeffrey Walton (Jan 19)
- Re: Spamming as a Service in Total Protection Nick FitzGerald (Jan 19)