full-disclosure-uk January 2009 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] US-CERT Current Activi

Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

From: <sexyazngrl69_at_nospam>
Date: Sun Jan 11 2009 - 23:54:27 GMT
To: work@c-tek.org, full-disclosure@lists.grok.org.uk, xploitable@gmail.com


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

nice hack babe:))

On Sun, 11 Jan 2009 18:32:09 -0500 n3td3v <xploitable@gmail.com> wrote:
>Their PGP keys have expired =)
>
>Sending email to US-CERT
>
>When sending sensitive information to US-CERT via email, we
>encourage
>you to encrypt your messages. US-CERT uses multiple public keys
>based
>upon their purpose. If the purpose of your communication is a
>cyber
>security incident report, vulnerability report, or any other
>technical
>question related to cyber security, please use the following key:
>
>User ID: US-CERT Security Operations Center <soc@us-cert.gov>
>Key ID: B832BE70
>Key Type: RSA
>Expires: 2009-10-01
>Key size: 2048
>Fingerprint: 195E 7A9E CCD9 9504 3CA7 E26E 13D4 4840 B832 BE70
>
>Information about other keys can be found on Contacting US-CERT.
>
>&
>
>Receiving publications in email from US-CERT
>
>US-CERT signs the email distribution of all US-CERT publications,
>including Cyber Security Alerts, Technical Cyber Security Alerts,
>Cyber Security Bulletins and Cyber Security Tips with the
>following
>key:
>
>User ID: US-CERT Publications Key <us-cert@us-cert.gov>
>Key ID: 0x3E1F88AB
>Key Type: RSA
>Expires: 2009-10-01
>Key Size: 2048
>Fingerprint: E0BF 6D0E 88C1 1FFC F93F 571B 7207 9633 3E1F 88AB
>
>http://www.us-cert.gov/pgp/email.html
>
>On Sun, Jan 11, 2009 at 10:29 PM, Chris Wallis <work@c-tek.org>
>wrote:
>> Just got this from US Cert. With what's going on with this list.
>I fought
>> I might share with you all...
>>
>> With some of the crap on this list lately I really do hope it is
>spambots...
>>
>> ~Chris Wallis
>>
>>
>> __________
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> US-CERT Current Activity
>>
>> Malicious Code Circulating via Israel/Hamas Conflict Spam
>Messages
>>
>> Original release date: January 9, 2009 at 9:25 am Last revised:
>January 9,
>> 2009 at 9:25 am
>>
>>
>> US-CERT is aware of public reports of malicious code circulating
>via spam
>> email messages related to the Israel/Hamas conflict in Gaza.
>> These messages may contain factual information about the
>conflict and
>> appear to come from CNN. Additionally, the messages indicate
>that
>> additional news coverage of the conflict can be viewed by
>following a link
>> provided in the email body. If users click on this link, they
>are
>> redirected to a bogus CNN website that appears to contain a
>video.
>> Users who attempt to view this video will be prompted to update
>to a new
>> version of Adobe Flash Player in order to view the video. This
>update is
>> not a legitimate Adobe Flash Player update; it is malicious
>code. If users
>> download this executable file, malicious code may be installed
>on their
>> systems.
>>
>> US-CERT encourages users and administrators to take the
>following
>> preventative measures to help mitigate the security risks:
>> * Install antivirus software, and keep the virus signatures up
>to
>> date.
>> * Do not follow unsolicited links and do not open unsolicited
>email
>> messages.
>> * Use caution when visiting untrusted websites.
>> * Use caution when downloading and installing applications.
>> * Obtain software applications and updates directly from the
>> vendor's website.
>> * Refer to the Recognizing and Avoiding Email Scams (pdf)
>document
>> for more information on avoiding email scams.
>> * Refer to the Avoiding Social Engineering and Phishing Attacks
>> document for more information on social engineering attacks.
>>
>> Relevant Url(s):
>> <http://www.us-cert.gov/cas/tips/ST04-014.html>
>>
>> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf>
>>
>> ====
>> This entry is available at
>> http://www.us-
>cert.gov/current/index.html#malware_circulating_via_email_messages
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.5 (GNU/Linux)
>>
>> iQEVAwUBSWdhW3IHljM+H4irAQJcFAgAjGyje+ahBx/YguARXCI1CAYY/5zWoL1s
>> Zg5n1Ly+cB3kte8ZgVUoOb2CrHor8HxMhu3kVkD0T4yFpK1UOi9W4ERbe2ntVKGh
>> 2nISPXPWOmn9glexc9EnvBBmEUEEv3Uu8m6M5uykUisJMcfje5LVt1I9BtgESqmu
>> x9cTWACgciA+wgDHnaspKjxUOFaAy2c4SFBt+S/5FtzU4t43f6CThD4V4b3MO06y
>> 2m46lkWe4fJdQBd7tboj0CK+vX7IKtplPzL7VG+L36idn0ZBFwNMAJTiuHSjdEA1
>> fvLBMjMm4bBblUet4Mf4oKatkElqLXCZDMdaWJ1JPuCc6Lc5ChEMGQ==
>> =PU6L
>> -----END PGP SIGNATURE-----
>>
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0

wpwEAQMCAAYFAklqhrMACgkQynWwk3/AtyOmJgQAjZsbVABLYAgiJ6E3KbL8egRC16LZ LYWMz+Qq488tDFyuFqx42aKKX9Kq+Bq6OmiDpiEPfh/Kbv94Sz7NNhJitOUj59qmaW8l +Q7MZH3n8HLwWHuSNNg49Z+dbsa6bCoXg1UAFHsfzBgoxhpw409y3UOi8tiBZKGZh077 i7zstEQ=
=41Lu
-----END PGP SIGNATURE----- -- Not having a degree dragging you down?? Click here for free information. http://tagline.hushmail.com/fc/PnY6qxtpfWTkztv1CWWRfdCq2BwJiLB6qjjQgOYVTvAspZfGKCGXe/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/