full-disclosure-uk January 2009 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] US-CERT Current Activi

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

From: n3td3v <xploitable_at_nospam>
Date: Sun Jan 11 2009 - 23:32:09 GMT
To: "Chris Wallis" <work@c-tek.org>, full-disclosure@lists.grok.org.uk


Their PGP keys have expired =)

Sending email to US-CERT

When sending sensitive information to US-CERT via email, we encourage you to encrypt your messages. US-CERT uses multiple public keys based upon their purpose. If the purpose of your communication is a cyber security incident report, vulnerability report, or any other technical question related to cyber security, please use the following key:

User ID: US-CERT Security Operations Center <soc@us-cert.gov> Key ID: B832BE70
Key Type: RSA
Expires: 2009-10-01
Key size: 2048
Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70

Information about other keys can be found on Contacting US-CERT.

&

Receiving publications in email from US-CERT

US-CERT signs the email distribution of all US-CERT publications, including Cyber Security Alerts, Technical Cyber Security Alerts, Cyber Security Bulletins and Cyber Security Tips with the following key:

User ID: US-CERT Publications Key <us-cert@us-cert.gov> Key ID: 0x3E1F88AB
Key Type: RSA
Expires: 2009-10-01
Key Size: 2048
Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB

http://www.us-cert.gov/pgp/email.html

On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis <work@c-tek.org> wrote:
> Just got this from US Cert. With what's going on with this list. I fought
> I might share with you all...
>
> With some of the crap on this list lately I really do hope it is spambots...
>
> ~Chris Wallis
>
>
> __________
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> US-CERT Current Activity
>
> Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
>
> Original release date: January 9, 2009 at 9:25 am Last revised: January 9,
> 2009 at 9:25 am
>
>
> US-CERT is aware of public reports of malicious code circulating via spam
> email messages related to the Israel/Hamas conflict in Gaza.
> These messages may contain factual information about the conflict and
> appear to come from CNN. Additionally, the messages indicate that
> additional news coverage of the conflict can be viewed by following a link
> provided in the email body. If users click on this link, they are
> redirected to a bogus CNN website that appears to contain a video.
> Users who attempt to view this video will be prompted to update to a new
> version of Adobe Flash Player in order to view the video. This update is
> not a legitimate Adobe Flash Player update; it is malicious code. If users
> download this executable file, malicious code may be installed on their
> systems.
>
> US-CERT encourages users and administrators to take the following
> preventative measures to help mitigate the security risks:
> * Install antivirus software, and keep the virus signatures up to
> date.
> * Do not follow unsolicited links and do not open unsolicited email
> messages.
> * Use caution when visiting untrusted websites.
> * Use caution when downloading and installing applications.
> * Obtain software applications and updates directly from the
> vendor's website.
> * Refer to the Recognizing and Avoiding Email Scams (pdf) document
> for more information on avoiding email scams.
> * Refer to the Avoiding Social Engineering and Phishing Attacks
> document for more information on social engineering attacks.
>
> Relevant Url(s):
> <http://www.us-cert.gov/cas/tips/ST04-014.html>
>
> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf>
>
> ====
> This entry is available at
> http://www.us-cert.gov/current/index.html#malware_circulating_via_email_messages
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
> Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
> 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
> x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
> 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
> fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
> =PU6L
> -----END PGP SIGNATURE-----
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/