nanog mailing list archives
Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
From: Jim Shankland <nanog () shankland org>
Date: Mon, 24 Apr 2023 10:37:30 -0700
On 4/24/23 9:24 AM, Niels Bakker wrote:
The key security concern here is "don't inspect/interpret bytes in an attachment with an application of the attacker's choosing". cat, or even emacs, seem pretty safe.* nanog () ve4 ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:Well, I eventually had a friend open the attachment on his Linux machineNot necessarily a safe idea: https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/(scroll down to "Operation DreamJob with a Linux payload", sadly no anchors)
For me, that's easiest to do with Linux or MacOS (terminal). But sure, if "open on a Linux machine" still means "point and click", then you're absolutely correct.
Jim Shankland
Current thread:
- BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Suresh Ramasubramanian (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Stefan Giera (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Bjoern Franke via NANOG (Apr 03)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Niels Bakker (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Jim Shankland (Apr 24)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Glen A. Pearce (Apr 26)
- Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...) Niels Bakker (Apr 24)