funsec mailing list archives
Re: Adobe investigates sophisticatic corporate networksecurity issue
From: Paul Ferguson <fergdawgster () gmail com>
Date: Wed, 13 Jan 2010 11:39:13 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Jan 13, 2010 at 11:35 AM, Joel Esler <eslerj () gmail com> wrote:
yeah, but that doesn't tell me how the attack too place, from a technical standpoint. :)
There is pretty clear evidence that someone (more than one someone, apparently) opened an attachment they shouldn't have, as described here: http://www.f-secure.com/weblog/archives/00001854.html - - ferg
On Wed, Jan 13, 2010 at 1:54 PM, Paul Ferguson <fergdawgster () gmail com> wrote:On Wed, Jan 13, 2010 at 10:28 AM, Joel Esler <eslerj () gmail com> wrote:Did anyone else think that there are two parts to that Google attack? Spearphishing, and it just seemed like there was another part, the part involving other companies?This is the most plausible explanation I have heard: "The US flaw-hunting specialist said that the attack was an attempt to steal source code on an industrial scale and was, in many cases, probably successful. If correct, this might explain why Google has by its own normally quite restrained standards gone ballistic to the extent of threatening to quit China." http://news.techworld.com/security/3210137/google-hack-hit-33-other-comp ani es/ Having been in contact with the "US flaw-hunting specialist" mentioned above, this lines up pretty accurately. - - ferg
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLTiFSq1pz9mNUZTMRAkuQAKDpA2zLWEYL0m7lBU6uFea2AhiEHwCg9oo1 wpdULAKStno2N+glVqg+45M= =BJwB -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Adobe investigates sophisticatic corporate networksecurity issue Juha-Matti Laurio (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Joel Esler (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Paul Ferguson (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Joel Esler (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Paul Ferguson (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Paul Ferguson (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Dan Kaminsky (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Paul M. Moriarty (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Dan Kaminsky (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Rich Kulawiec (Jan 14)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Dan Kaminsky (Jan 14)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Wim Lewis (Jan 19)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Larry Seltzer (Jan 19)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Valdis . Kletnieks (Jan 19)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Larry Seltzer (Jan 19)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Paul Ferguson (Jan 13)
- Re: Adobe investigates sophisticatic corporate networksecurity issue Joel Esler (Jan 13)