Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: 12/23/03 CitiBank/Visa Account Phishing, ISS IE URL Spoofing filter, Dameware scanning, Apple patch links - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
12/23/03 CitiBank/Visa Account Phishing, ISS IE URL Spoofing filter, Dameware scanning, Apple patch links
"Good will towards everyone"



A current Visa/CitiBank account phishing e-mail has been posted by CitiBank at

http://www.citi.com/domain/spoof/report_abuse.htm

At the website select the
"Date: 12/23/03 Subject: Visa Security Update (report it)"
link where CitiBank has posted solid security recommendations and screenshots
of the phony e-mail and it's pop-up's.



Defeat Phishing E-mail URL spoofing - ISS's Internet Explorer URL Spoofing
patch

Although there is not a Microsoft patch yet for the severe
vulnerability being actively exploited using Internet Explorer URL
obfuscation and html based "phishing" e-mails. But thanks to the super work
by Internet Security Systems I'll be giving family and acquaintences a
Holiday patch for the Microsoft Internet Explorer domain URL spoofing
vulnerability. And don't we all have family and acquaintances that need it.
The free Internet Security Systems tool is available at the following address:

http://www.iss.net/support/product_utilities

"Microsoft Internet Explorer domain URL spoofing filter.

ISS has developed a tool that will plug-in to Internet Explorer and filter
hostile URLs that exploit this vulnerability. This tool is designed to strip
hostile redirection from URLs and send users to the legitimate URL, instead
of a rogue Web server."

http://www.iss.net/support/product_utilities/domainspooffilter/
Dameware - Port 6129 scanning

The number of "Sources" detected scanning Port 6129 is steadily increasing.
Since December 19th, the reported number of "sources" scanning Port 6129
has risen by one thousand systems. URL:
http://isc.incidents.org/port_details.html?port=6129
Apple Security Updates

http://docs.info.apple.com/article.html?artnum=61798

Last Updated: 2003-12-22

Apple Security Updates

Article ID:61798

Created: 11/15/02

Modified: 12/22/03

Security Update 2003-12-19 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8
Server

Security Update 2003-12-19 for Mac OS X 10.3.2 "Panther" and Mac OS X 10.3.2
Server


Patrick Nolan
Patrick

193 Posts

Sign Up for Free or Log In to start participating in the conversation!