An email recently sent to the handlers[at]sans[dot]org group has possibly described a first instance of where an attempt is made to overwrite the address bar in Internet Explorer with an image file that hides the true URL (or web page address) that an individual is visiting with a false URL.
The exact mechanism by which this happens is still under investigation.
As we are well into the biggest gift-giving season of the year, it is important to consider the effects of all those shiny, brand new computers that are soon to be unwrapped and connected to the Internet.
It is likely that many if not all of these computers will be running the Microsoft XP operating system, and that these will come out of the box with only minimal security and hardening enabled, at best.
If you know of someone who is about to receive a new computer, or if you have received one yourself, please, please read our new Windows XP survival guide,
"Windows XP: Surviving the First Day. (PDF)"
A link to this paper can be found at the bottom right of the Internet Storm Center home page (http://isc.sans.org) under the heading "ISC Analysis".
The specific link: http://isc.sans.org/presentations/xpsurvivalguide.pdf
Dec 20th 2003
1 decade ago