How are systems being exploited today (OS vulnerability vs malicious email attachments) ?... - Page 2


Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

After serious thinking Virus Guy wrote :

You just don't understand the subject well enough to get any meaning  
from the replies that you do get.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Wolf K wrote:
  

I wasn't asking how (mechanically) to find the answer.  I too also know
that starting with an inventory of all WU updates and then drilling down
into the details of each of them and then perhaps following countless
other information sources as to how this interacts with that is one way
to arrive at an answer.  


Why should you not?

If someone else came here to ask the same question, and you knew the
answer (and not just a method that would yield the answer) - would you
tell them?

Would you tell anyone?

Is the answer a big secret?


Why are you here, reading my post - or any post?


Fine - let's talk about that.  This was my question:

-----------
Is anyone here familiar enough with the outlook .msg attachment
container format to know if this file is trying to exploit some
known code-execution vulnerability in that attachment type?
-----------

Your response was to tell me that the attachment was probably malware -
but that was something I already knew.  Your response did not address at
all my clearly-stated question regarding the existence of .msg
attachment vulnerabilities.  How can I more clearly explain that your
response was not helpful in answering that question?


Do you not see how I was not asking whether or not the .msg attachment
in question was malicious?

Do you not see how my ONLY question was to ask if there were known
Outlook .msg attachment-rendering exploits?


So you misunderstood or misread my post, I offered the "mild" response
that your answer was not helpful in answering my question, and you got
offended or I hurt your feelings and now you're going to collect all
your marbles and walk away.

So now I know something about the sort of person you are.

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Virus Guy used his keyboard to write :

You don't even know how to ask the questions, and yet you argue against  
the correct answers while displaying your ignorance of the subject  
matter. I'm not the only one who noticed that, but I have tried to  
answer anyway just to help. You're not only clueless, but clue  
resistant.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

On Wed, 02 Apr 2014 09:10:07 -0400, FromTheRafters wrote:


To all the posters who attempted to help VG... now you see the reasons  
for the previous comments made about his childish behavior. Remember  
those kids in kindergarten who stomp their feet and scream and yell to  
get attention?

"He's all whine, with no cheese or crackers."

He's had a much more brutal ripping on NANAE posting as Spam Guy and  
other nyms and behaving badly. He's filter bait at best, a waste of  
electrons at worst. Thanks to all who tried to help him. (Been there-done  
that).

Thane

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Rick Simon wrote:
  

So basically you're asking why ask questions?

So nobody should ever ask anyone any questions?

That seems to be the central theme that this thread has taken.  Many of
the posts I make where I ask a question seem to take the same turn where
responders basically say that asking questions is not the best or most
direct way to gain knowledge.


I wonder what motivated you to feel the need to add that to your
response, but if I ask, someone will just tell me that I need to do my
own research...

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

On 2014-04-01 10:22 AM, Virus Guy wrote:
[...]
[...]

Clicking.

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Wolf K expressed precisely :

Exactly! Still the number one security vulnerability is the user. Most  
of the spammed out malware come-ons rely solely on this.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

wrote:


    No. It's double clicking (just my 1st April contribution).
    ;)
    []'s
--  
Don't be evil - Google 2004
We have a new policy  - Google 2012

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

On 2014-04-01 5:26 PM, Shadow wrote:

;-)

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Virus Guy wrote:

Hello again, Virus Guy :-)

Watch the video here: http://www.stopthehacker.com

And read this:-

Web-based malware is the new bane of the Internet. Malware developers  
have focused on using websites to distribute millions of copies of  
viruses, Trojans and other malicious computer programs. This modern  
modus operandi banks on the fact that a website’s security is weak and  
can be easily compromised. In this article we want to raise awareness  
about how malware developers are hiding their malicious code to prevent  
detection by website administrators and other software.

The Phenomenon

The number of websites getting hacked is a trend strengthening by the  
day. More than 6,600 new websites get hacked every single day and  
consequently become distributors of malware and are subsequently  
blacklisted. This results in lost business and customer trust, not to  
mention that these compromised websites can become part of the chain of  
information theft.

Attack patterns change hourly. Consider for example, that on any given  
day 200,000 samples of web-based malware are identified in websites on  
the Internet. Firewalls, Web Application Firewalls (WAFs) and other  
security software make it harder for hackers to penetrate website  
security, but given the sheer volume and variants of malware, it is  
impossible for these security vendors to deliver signatures in real-time.

Malware Posing as jQuery

One way hackers fly under the radar, while causing immense damage to  
visitors of compromised websites, is to make their malicious computer  
code look like trusted computer code developed by a reputed organization.

http://www.stopthehacker.com/2011/01/14/malware-posing-as-jquery/#.Uzq_R9zax77

==

Catch Me if You Can: Antivirus Poor at Detecting Web-Malware
************************************************************

Brief highlights:

AV engines used: AVG, ClamAV, F-prot, Avast

None of the AV engines detected more than 11% of the malicious samples
AVG detected: 6.92%, ClamAV detected: 10.69%, F-prot detected: 10.06%,  
Avast detected: 2.52% of the samples respectively

Only one sample was detected by all four AV engines. This sample was  
extremely similar to a POC exploit code from milw0rm.com

This limited experiment shows that traditional AV engines have a long  
way to go when it comes to detecting web-based malware. Jaal uses  
proprietary detection technology which is based on artificial  
intelligence and machine learning algorithms which can understand how  
malicious pieces of code behave and profile and classify them with high  
accuracy and recall.

http://www.stopthehacker.com/2009/12/11/catch-me-if-you-can-antivirus-poor-at-detecting-web-malware/#.Uzq_y9zax74


Internet Explorer 8 is the last version of Internet Explorer to be  
supported on Windows XP


http://en.wikipedia.org/wiki/Internet_Explorer_8


--  
The only people who make a difference are the people who believe they can.

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

~BD~ wrote:
  

Sorry - no.  If you want to distill what-ever is there down to a few
sentences, then do so.
  

Malware posing as jquery.

So again I ask - is that an example of an exploit route where the most
reasonable (or only) method of erasing from a system is supplied by MS
via a WU patch?

I seek here to ask how going forward from this point in time, how are
Win-XP systems uniquely vulnerable to exploitation in ways that Windows
7 will not be due to solutions provided by Micro$haft.

How relevant (to home or SOHO users) are the patches made by MS in terms
of the holes or exploits that they close make up some significant
percentage of the root cause of how Windoze systems find themselves
running remote exploit code (botnet, trojan, backdoor, etc) ?

Are corporate / institutional systems more vulnerable to the exploits for
which MS has provided hundreds of WU patches for over the years?

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Virus Guy wrote:

Perhaps you'll watch on YouTube?  
http://youtu.be/mKRK-rXYuto



StopTheHacker is a suite of security technologies designed to keep a  
company's website safe.

Web Malware Detection: Scans your website to determine if hackers have  
injected malicious code on your site. Removes the infected code  
automatically and immediately. Answers the question: "Am I infected"?  
and fixes the problem.

Why? If your site is infected, you need to know so you can take action  
immediately before your customers get infected and/or your site gets  
blacklisted.

Vulnerability Assessment: Scans your website to let you know about any  
security holes that hackers may exploit. Answers the question: "Am I  
Vulnerable for potential attacks"?

Why: If your site is vulnerable, you need to know so you can take action  
immediately before hackers break in and infect your website and  
visitors. If you need help patching your systems, our security experts  
are available to help.

Uptime Monitoring: Scans your website to report if your website has been  
down and unavailable.

Why: If your site is unavailable, you need to figure out why so it  
doesn't happen again.

Reputation Monitoring: Scans of your website against malware, spam, and  
other blacklists (e.g. Google, Microsoft, Yahoo, and others). Answers  
the question: "Am I Blacklisted"?

Why: If your site has bad reputation and is blacklisted by any search  
engines, you need to know so you can take action immediately.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

On 2014-04-01 9:21 AM, Virus Guy wrote:

Google is your friend:

http://statisticbrain.com/computer-virus-statistics/
(One among many sites.)

The most common source of infection is the person who uses the computer.  
It's amazing how many people open stuff they should just delete.

HTH

--  
Best,
Wolf K
kirkwood40.blogspot.ca

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Wolf K expressed precisely :

They use a unique definition for "virus" IMO.


True.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

I understand that many institutions using XP for specific tasks (such as
bank teller interface) will contract with Micro$haft to continue to get
private support for XP.

I believe these are called paid hot-fixes - yes?

Are these private updates generic in terms of being applicable and
distributed to all subscribers of these hot-fixes, or do different
customers get different, perhaps tailored or customized editions of
these fixes / patches?

Will these private hot-fixes leak out into the wider XP user-base?

Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

Virus Guy brought next idea :

Talk to the hand.



Re: How are systems being exploited today (OS vulnerability vs malicious email attachments) ?

FromTheRafters wrote:

I've actually got around to looking up what that means!

http://en.wikipedia.org/wiki/Talk_to_the_hand

I like you better when you aren't rude to folk, FTR.

Have a great day! :-)

(have you photographed the icicles again yet?)

