Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New Phishing Technique / Vulnerability Data Base Resource - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Phishing Technique / Vulnerability Data Base Resource
New Phishing Technique
A new phishing attack technique was discovered today in a Citibank scam targeting Citibank customers.
In this technique "the Address bar on the browser is spoofed, using Javascript and frames, the real address bar is suppressed and despite the HTTPS callout in the Address bar, there is no SSL padlock present in the lower corner of the browser."
Open Source Vulnerability Data Base
The Open Source Vulnerability Data Base Project made an announcement today about the public availability usage of the Open Source Vulnerability Data Base.
This base intends to be " an open project to collect and distribute vulnerability information freely to everyone" .
" The OSVDB collects vulnerability data on every type of computer software and
operating system. Like other open-source projects, the OSVDB depends on the
wide expertise of its contributors to provide dependable information on many
technologies and security problems. The project's open-source license makes
the results freely available to users worldwide."
The project can be found at
Pretty calm day today...

Tomorrow is April 1st. Be careful about what you read...

Pedro Bueno (
I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4479 Posts
ISC Handler
Apr 1st 2004

Sign Up for Free or Log In to start participating in the conversation!