Full Disclosure mailing list archives
Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
From: n3td3v <xploitable () gmail com>
Date: Sun, 11 Jan 2009 23:32:09 +0000
Their PGP keys have expired =) Sending email to US-CERT When sending sensitive information to US-CERT via email, we encourage you to encrypt your messages. US-CERT uses multiple public keys based upon their purpose. If the purpose of your communication is a cyber security incident report, vulnerability report, or any other technical question related to cyber security, please use the following key: User ID: US-CERT Security Operations Center <soc () us-cert gov> Key ID: B832BE70 Key Type: RSA Expires: 2009-10-01 Key size: 2048 Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70 Information about other keys can be found on Contacting US-CERT. & Receiving publications in email from US-CERT US-CERT signs the email distribution of all US-CERT publications, including Cyber Security Alerts, Technical Cyber Security Alerts, Cyber Security Bulletins and Cyber Security Tips with the following key: User ID: US-CERT Publications Key <us-cert () us-cert gov> Key ID: 0x3E1F88AB Key Type: RSA Expires: 2009-10-01 Key Size: 2048 Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB http://www.us-cert.gov/pgp/email.html On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis <work () c-tek org> wrote:
Just got this from US Cert. With what's going on with this list. I fought I might share with you all... With some of the crap on this list lately I really do hope it is spambots... ~Chris Wallis __________ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Original release date: January 9, 2009 at 9:25 am Last revised: January 9, 2009 at 9:25 am US-CERT is aware of public reports of malicious code circulating via spam email messages related to the Israel/Hamas conflict in Gaza. These messages may contain factual information about the conflict and appear to come from CNN. Additionally, the messages indicate that additional news coverage of the conflict can be viewed by following a link provided in the email body. If users click on this link, they are redirected to a bogus CNN website that appears to contain a video. Users who attempt to view this video will be prompted to update to a new version of Adobe Flash Player in order to view the video. This update is not a legitimate Adobe Flash Player update; it is malicious code. If users download this executable file, malicious code may be installed on their systems. US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks: * Install antivirus software, and keep the virus signatures up to date. * Do not follow unsolicited links and do not open unsolicited email messages. * Use caution when visiting untrusted websites. * Use caution when downloading and installing applications. * Obtain software applications and updates directly from the vendor's website. * Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams. * Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks. Relevant Url(s): <http://www.us-cert.gov/cas/tips/ST04-014.html> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf> ==== This entry is available at http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1 fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ== =PU6L -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Chris Wallis (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages n3td3v (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Valdis . Kletnieks (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages n3td3v (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Mark Andrews (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Tonu Samuel (Jan 12)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Valdis . Kletnieks (Jan 11)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages Michael Holstein (Jan 12)
- Re: US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages n3td3v (Jan 11)