Ethical Phishing

Tecniche spammer cover Giacomo Lanzi

Tecniche spammer: come sfruttano la posta elettronica?

Lo spam sembra arrivare ad ogni singolo account di posta elettronica che usiamo, non importa quanto siamo attenti o quale sia il provider dell’indirizzo. Come fanno gli spammer ad avere tutti i nostri indirizzi e-mail? Possiamo fare qualcosa per nascondere il nostro indirizzo e-mail alle più comuni tecniche spammer? Sfortunatamente, non c’è molto che tu possa fare per evitare che…

Zombie Phishing protezione Giacomo Lanzi

Zombie phishing: attenzione alle email, potrebbero essere zombie

Dal nulla, qualcuno risponde a una conversazione email datata mesi fa. Si tratta di una conversazione vera che è realmente accaduta. Forse riguarda una riunione, un’opportunità di lavoro. Questa email sembra molto rilevante, ma attenzione, potrebbe essere zombie phishing. Infatti, qualcosa non va, l’argomento discusso è passato da mesi e ora c’è uno strano messaggio di errore nel corpo della…

Cos'e' il phishing - Cover Giacomo Lanzi

Cos’è il phishing? Capire e individuare attacchi di ingegneria sociale

Il phishing è un tipo di attacco di ingegneria sociale spesso utilizzato per rubare i dati degli utenti, comprese le credenziali di accesso e i numeri delle carte di credito. Si verifica quando un aggressore, mascherato da un’entità fidata, inganna una vittima ad aprire un’e-mail, un messaggio istantaneo o un messaggio di testo. Il destinatario viene quindi indotto a cliccare…

Condividi


RSS

Piu’ articoli…

Categorie …

Tags

RSS CSIRT

RSS Dark Reading:

RSS Full Disclosure

  • Defense in depth -- the Microsoft way (part 73): ignorance (of security advisories) is bliss! Marzo 9, 2021
    Posted by Stefan Kanthak on Mar 08Hi @ll, (published by some "Microsoft Security Response Center") as well as MSDN , TechNet alias MSKB , and
  • Unholy CRAP: Moziila's executable installers Marzo 9, 2021
    Posted by Stefan Kanthak on Mar 08Hi @ll, back in 2015 and 2016, I disclosed several BLOODY beginner's errors alias epic failures in Mozilla's PERMANENTLY vulnerable executable installers for Windows, built by completely incompetent tinkerers: * Defense in depth -- the Mozilla way: return and exit codes are dispensable alias and
  • Backdoor.Win32.Agent.bjev / Insecure Permissions Marzo 9, 2021
    Posted by malvuln on Mar 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/35cf54a19efcdeaa41899647075c7ef9.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.bjev Vulnerability: Insecure Permissions Description: Agent.bjev creates an insecure dir named "Windupdt" under c:\ drive, granting change permissions (C) to the authenticated user group. Standard users can rename...
  • Backdoor.Win32.GTbot.c / Insecure Permissions Marzo 9, 2021
    Posted by malvuln on Mar 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/8c2acfcc60dda52db9bd9a934284b673.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.GTbot.c Vulnerability: Insecure Permissions Description: GTbot creates an insecure dir called "WINNT" under c:\ drive and grants change permissions (C) to the authenticated user group. Standard users can rename the malware...
  • BACKDOOR.WIN32.ANTILAM.14.O / Unauthenticated Remote Command Execution Marzo 9, 2021
    Posted by malvuln on Mar 08Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/3f3ee9dce39e816b4001bd6ae66e8f1a.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.o Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP ports 47891 and 29559. Third party attackers who can reach infected systems can execute commands made available by the...
  • Advisory ID: VMSA-2021-0002 Marzo 9, 2021
    Posted by ???????????? on Mar 08dear all     https://www.vmware.com/security/advisories/VMSA-2021-0002.html     Does the above link include version vcenter6.0 and esxi6.0?
  • APPLE-SA-2021-03-08-4 watchOS 7.3.2 Marzo 9, 2021
    Posted by Apple Product Security via Fulldisclosure on Mar 08APPLE-SA-2021-03-08-4 watchOS 7.3.2 watchOS 7.3.2 addresses the following issue. Information about the security content is also available at https://support.apple.com/HT212223. WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was […]
  • APPLE-SA-2021-03-08-3 Safari 14.0.3 Marzo 9, 2021
    Posted by Apple Product Security via Fulldisclosure on Mar 08APPLE-SA-2021-03-08-3 Safari 14.0.3 Safari 14.0.3* addresses the following issue. Information about the security content is also available at https://support.apple.com/HT212222. WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed […]
  • APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3 Marzo 9, 2021
    Posted by Apple Product Security via Fulldisclosure on Mar 08APPLE-SA-2021-03-08-2 macOS Big Sur 11.2.3 macOS Big Sur 11.2.3 addresses the following issue. Information about the security content is also available at https://support.apple.com/HT212220. WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue […]
  • APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1 Marzo 9, 2021
    Posted by Apple Product Security via Fulldisclosure on Mar 08APPLE-SA-2021-03-08-1 iOS 14.4.1 and iPadOS 14.4.1 iOS 14.4.1 and iPadOS 14.4.1 addresses the following issue. Information about the security content is also available at https://support.apple.com/HT212221. WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th […]

Customers

Newsletter