Full Disclosure mailing list archives
Re: Fwd: threat to corporate security
From: "n3td3v" <n3td3v () hush com>
Date: Mon, 09 Apr 2007 23:34:26 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 n3td3v apppologizes to the community for wasintg everyones time with old news.
the conspiracy is a lot of spam actually belongs to hackers.
hackers
are increasingly using fake penis enlargement e-mail to probe the
out
of office auto responders of large corporations. its amazing how
much
information is left on auto responders, espeically at popular
vaction
times like easter and xmas.
n3td3v realizes that this warning was first reported by n3td3v's favorite news provider, abc news back in 2002 http://archives.neohapsis.com/archives/isn/2002-q4/0361.html and again in 2004 http://seclists.org/pen-test/2004/Aug/0210.html and even in 2007 http://www.pcmag.com/article2/0,1759,2088710,00.asp n3td3v also appoologizes for insulting people in th esecurity community that are undeserving of this kind of behavior. n3td3v sincerely aprologizes to gadi evron and dave aitel. but not rob lemos. n3td3v will forgiv rob next week. On Mon, 09 Apr 2007 10:18:33 -0600 n3td3v <n3td3v () gmail com> wrote:
---------- Forwarded message ---------- From: n3td3v <n3td3v () gmail com> Date: Apr 9, 2007 4:44 AM Subject: threat to corporate security To: Yahoo Security Contact <security () yahoo-inc com>, paranoids () yahoo-inc com the conspiracy is a lot of spam actually belongs to hackers. hackers are increasingly using fake penis enlargement e-mail to probe the out of office auto responders of large corporations. its amazing how much information is left on auto responders, espeically at popular vaction times like easter and xmas. individual employees un firmilar with security issues are increasingly throwing inetrnal operational information for co-workers to pick up, n3td3v said. the problem is its more than co-workers who are picking up this information and using it for hacking large corporations like yahoo. you can't rely on your employees anymore, corporations have got to start probing inboxes, because the bad guys are, n3td3v said. corporations have got to get tough on thsi n3td3v said. you got to harden your defenses on this front and strenghen your security policya t the same time to reassure security teams that employees are still aware of the threat of internet facing corporate mail boxes spewing out all kinds of information which is ultimately damaging for the company and its long term ecnomic interests. large corporations don't want to get hacked by simple yet effective attack vectors like this, n3td3v said, corporate security teams have really got to take this seriously and do something about it. just when you thought all that spam thats being sent aroudn the internet clogging up mail servers only have a commercial purpose, no, hackers are starting to to hitch a free ride on spam trends and are increasingly dressing up mail box probes as popular spam to effectively ping the inboxes of large multinationals to harvest out of office responder data, n3td3v finished saying in a statement sent early monday. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkYbIX8ACgkQ+Rh5rcRCO0ZF6AP9GYNt4tYYr48LV/PKnh70P3ZGaqhX 4w3T1z+HdE936pqCqWAFGUp9kuSBmBEwoPPRttcw1KMFNPMATXwYZyWe/+Tu/pQR55r7 lkVEyo0nyBSYZtRjDVAfmVtWzbVXArvNATcLOkCov0FSoMs7NZkR8AGFKovLbpEc000A Nze2TRk= =154h -----END PGP SIGNATURE----- -- Click for free info on online doctorate degrees and make $250k/ year http://tagline.hushmail.com/fc/CAaCXv1ZYZ8in7lBQU5qaJCU6hBebYne/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fwd: threat to corporate security n3td3v (Apr 09)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 10)
- Re: [++++SPAM++++] Fwd: threat to corporate security n3td3v (Apr 10)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 11)
- Re: [++++SPAM++++] Fwd: threat to corporate security afed (Apr 11)
- Re: [++++SPAM++++] Fwd: threat to corporate security n3td3v (Apr 10)
- <Possible follow-ups>
- Re: Fwd: threat to corporate security n3td3v (Apr 09)
- Re: [++++SPAM++++] Fwd: threat to corporate security Marco Ermini (Apr 10)