Comments on Jeremiah Grossman: Advanced Web Attack Techniques using GMail
Comment feed by Jeremiah Grossman (http://www.blogger.com/profile/05017778127841311186), last updated 2024-02-08T03:44:23.780-08:00

Data Protection Australia (http://www.compu-stor.com.au/our-services/destruction-services.aspx), 2011-07-11T03:21:14.511-07:00:
You should avoid using script or any type of attachment besides PDF. Many corporate mailboxes as well as virus filters block attachments that end in .exe, .avi, .swf, .zip, etc.

Anonymous, 2008-01-19T17:06:00.000-08:00:
Hello,
I'm a German national and a gmail user... without technical knowledge.

I urgently need help with a similar problem. CONTACT DATA IS ACCESSED in my gmail account.

I always clear my folder "temporary internet files". By chance I realised 2 days ago that there was a cookie of which the mail id of an acquaintance was part. This was an email id which I myself haven't used for 3 years.

It was clear to me that my account is being spied on. I observed the cookies after each log-in and it has now happened with 5 other addresses: all of them were part of a cookie. None of the addresses (part of a contact list with 300 mail ids) have I myself used for years!

There is also an authentication cookie which looks like a program file and which was never there before during all the years I used gmail.

Furthermore there are cookies with question marks and squares.

Please help me!!! I don't know what to do.

This is another mail address of mine:
online_too_often@hotmail.com

Anonymous, 2008-01-16T15:37:00.000-08:00:
A new twist. My gmail account was open and a spam email was sent to all my contacts with the text below, with a bunch of links to electronic junk for sale. All of my contacts were then deleted. Someone is getting through GMail security.

------------------------------------

Dear friend,
I would like to introduce a good company which trades mainly in electronic products.
Now the company is under sales promotion, all the products are sold nearly at cost.
They provide the best service to customers, they provide you with original products of good quality, and what is more, the price is a surprising happiness to you!
It is really a good chance for shopping. Just grasp the opportunity, now or never!
The web address: www.lrq0710.com

Anonymous, 2007-07-31T11:48:00.000-07:00:
Yesterday, my gmail account was attacked. They changed the password, since I can't access the account. Also, when I try to reset the password, I never get the email to do so in my secondary email account. Any thoughts on how to proceed? I emailed Google about the problem but I don't think they understand. Is there a way you can tell your Google friend? Thanks.

Anonymous, 2007-04-03T02:06:00.000-07:00:
Fortify has now published a general document addressing this class of vulnerability with some good suggestions for defense.

http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf

Jeremiah Grossman (https://www.blogger.com/profile/05017778127841311186), 2007-03-06T05:48:00.000-08:00:
jimbojw> Good point. My comment was before I learned more about forced browser referer spoofing. Amit Klein has found issues in both IE and Flash that allow a bad guy to alter a referer while performing a CSRF'ed request.

http://www.webappsec.org/lists/websecurity/archive/2005-09/msg00019.html
http://www.webappsec.org/lists/websecurity/archive/2006-07/msg00069.html

Referers continue to be things that are not to be trusted. I guess it's still OK to use them as a backup security measure to make an attack harder, just don't rely on it.

jimbojw (https://www.blogger.com/profile/01150872829875618738), 2007-03-05T14:39:00.000-08:00:
> Make sure the file cannot be accessed by anything with an off-domain referer.

This is nice in theory, but it doesn't account for the null referrer case (which you really can't disable). If the attacker's goal is to harvest a lot of data, those who use proxies or have referrers disabled may be enough.

Blocking non-null off-site referrers is a nice thing to do, but is not a catchall solution.

Note: I'm sure you understand this, Jeremiah; this comment is mostly for your readers.

Anonymous, 2007-01-02T04:36:00.000-08:00:
Indeed. Reminds me a bit of BSE warners back in 1984, when no one would ever have thought that this disease would ever spread. But it's no breaking news, is it? Try to close the door after the horse has left the barn... good luck.

Anonymous (https://www.blogger.com/profile/13580535510857085157), 2007-01-01T23:54:00.000-08:00:
And now it has happened...

SarahCLarson (https://www.blogger.com/profile/05452730142581916980), 2007-01-01T07:32:00.000-08:00:
Updated attack information here:
http://cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/