|Main Archive Page > Month Archives > full-disclosure-uk archives|
Just got this from US Cert. With what's going on with this list. I fought I might share with you all...
With some of the crap on this list lately I really do hope it is spambots...
US-CERT Current Activity
Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
Original release date: January 9, 2009 at 9:25 am Last revised: January 9, 2009 at 9:25 am
US-CERT is aware of public reports of malicious code circulating via spam email messages related to the Israel/Hamas conflict in Gaza. These messages may contain factual information about the conflict and appear to come from CNN. Additionally, the messages indicate that additional news coverage of the conflict can be viewed by following a link provided in the email body. If users click on this link, they are redirected to a bogus CNN website that appears to contain a video. Users who attempt to view this video will be prompted to update to a new version of Adobe Flash Player in order to view the video. This update is not a legitimate Adobe Flash Player update; it is malicious code. If users download this executable file, malicious code may be installed on their systems.
US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----