Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Salesforce.com issue?

Published: 2007-10-31
Last Updated: 2007-11-01 01:00:16 UTC
by Mark Hofman (Version: 1)
1 comment(s)

We've had a number of readers report that they have received very specifically targeted EEOC or FTC SPAM emails.  Several commented that some of the email addresses were only available from salesforce.com DB.   Most of the emails contained full names of the recipient.   We're trying to confirm this through several sources, the Washington Post has also tagged onto the story. 

If you have info that may assist let us know through the contact form and we'll keep you posted.

 

Mark H

 

Keywords:
1 comment(s)

Don't download the Dancing Skeleton!

Published: 2007-10-31
Last Updated: 2007-10-31 16:53:38 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

Halloween malware is SUPPOSED to be scary. Thanks roseman.

Watch out for the dancing skeleton now!  Seems the Storm gang are out and about for Halloween then. Thanks Alan.

Cheers,
Adrien de Beaupré
Bell Canada

Keywords:
0 comment(s)

Happy Samhain / All Hallows Eve

Published: 2007-10-31
Last Updated: 2007-10-31 15:40:02 UTC
by Adrien de Beaupre (Version: 4)
0 comment(s)

Things do go bump in the night, on the Internet at least. 

Update 1

Have any scary stories to share?

Update 2

hxxp://us_goldbuyers_.com (deliberately mangled) is serving up some obfuscated javascript.

Boils down to a download from 81.95.145.181 which is telling me "ai siktir vee".

Update 3

A moderate earthquake hit in California, "Is this the day you review YOUR backup plans?". Thanks roseman.

http://quake.wr.usgs.gov/recenteqs/Quakes/nc40204628.htm

 

Cheers,
Adrien de Beaupré
Bell Canada

 

Keywords:
0 comment(s)

Cyber Security Awareness Tip #31: Legal Awareness (Regulatory, Statutory, etc.)

Published: 2007-10-31
Last Updated: 2007-10-31 00:19:37 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

Scary stuff! Well for me anyways. As a security geek with a technical background the legal, regulatory, privacy, and liability issues revolving around Information Security are quite daunting. They speak a different language and have completely different concerns. For todays tips can you let us know what are the issues you are facing? Which laws or regulatory compliance are you facing? How are you dealing with them? Are they distracting you from doing actual security work? Are you dealing with attempting compliance with conflicting and vaguely worded interpretations of statutes and industry regulatory bodies?

Cheers,
Adrien de Beaupré
Bell Canada

Keywords:
0 comment(s)
Diary Archives