[nsp-sec] Question about potentially compromised email credentials

Christoph Sprongl ch at it-austria.net
Fri Sep 18 11:13:07 EDT 2009


Gabe, in my opinion a strong YES.

Even without AS but with email address data, it is possible to combine the
information and see which company could be impacted by this and take steps
toward mitigation.

Thx in advance!
christoph


> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> A list of *potentially* compromised email credentials was harvested from
> the following server/(HTML Phishing form) over the last few days.
>
>> [URL] hxxp://www.losnaranjos23.com/phpformgenerator/use/oncedial/form1.html
>> [Status] Offline
>
> I have already reached out to eight .edu's and am trying to decide what
> to do with the remaining 55.
>
> It would be trivial for me to post a file with the following:
>
>> Email Address | Username | Password | Confirm Password
>
> but this community usually does not exchange datasets without AS
> numbers. It would probably take me an hour or so to hack together a perl
> script to resolve the MX record > hostname > IP > ASN which would allow
> me to put it in a format that is typical for this community.
>
> My question is, are *potentially* compromised email accounts as a result
> of credential dropboxes something this community is interested in?
>
> Thanks
>
> Gabe
>
> - --
> Gabriel Iovino
> Principal Security Engineer, REN-ISAC
> http://www.ren-isac.net
> 24x7 Watch Desk +1(317)278-6630
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkqzm8EACgkQwqygxIz+pTuwxQCfeAnEsyh//Gi1QeIFyWzgPUZa
> 5a4An0HaL94Ri9LLpBzvhi0MrXGc//g1
> =lOjF
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>
>
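
The MX record > hostname > IP > ASN resolution described in the quoted message, as an added Python example that is not part of the original thread (the poster mentions Perl; Python is used here). The lookup tables, addresses, ASNs and function names are constructed stand-ins for live DNS and an IP-to-ASN data source, and the output carries only ASN, MX host, IP, domain and count.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (documentation IP ranges and documentation ASNs),
# standing in for live DNS MX/A lookups and an IP-to-ASN data source.
MX = {"example.edu": [(20, "backup.example.edu"), (10, "mail.example.edu")],
      "example.org": [(5, "mx.hosted.example.net")]}
A = {"mail.example.edu": "192.0.2.25", "backup.example.edu": "198.51.100.7",
     "mx.hosted.example.net": "203.0.113.40"}
PREFIXES = {"192.0.2.0/24": 64500, "203.0.113.0/24": 64501, "203.0.113.32/27": 64502}

def ip_to_asn(ip, prefixes=PREFIXES):
    """Longest-prefix match of ip against an origin table; None if uncovered."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, asn in prefixes.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, asn)
    return best[1] if best else None

def domain_to_asn(domain, mx=MX, a=A):
    """Domain -> lowest-preference MX -> IP -> ASN. Returns (asn, mx_host, ip)."""
    records = mx.get(domain)
    # RFC 5321: with no MX record, mail is delivered to the domain's own address.
    host = min(records)[1] if records else domain
    ip = a.get(host)
    return (ip_to_asn(ip) if ip else None, host, ip)

def report(lines):
    """Rows 'ASN | MX host | IP | domain | count'; only the email field is read."""
    counts = defaultdict(int)
    for line in lines:
        # Usernames and passwords in the later fields never reach the output.
        email = line.split("|")[0].strip().lower()
        if email.count("@") == 1:
            counts[email.rsplit("@", 1)[1].rstrip(".")] += 1
    rows = []
    for domain, n in counts.items():
        asn, host, ip = domain_to_asn(domain)
        # ASN 0 marks domains that could not be resolved to an origin AS.
        rows.append((asn if asn is not None else 0, host, ip or "-", domain, n))
    rows.sort()
    return [" | ".join(str(f) for f in r) for r in rows]

# Constructed input in the "Email Address | Username | Password | Confirm Password" layout.
SAMPLE = ["alice@example.edu | alice | x | x", "Bob@Example.EDU | bob | y | y",
          "carol@example.org | carol | z | z", "dave@nomx.example | dave | q | q",
          "not-an-address | ? | ? | ?"]

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```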




