Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New Phishing Technique / Vulnerability Data Base Resource - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Phishing Technique / Vulnerability Data Base Resource
New Phishing Technique
A new phishing attack technique was discovered today in a Citibank scam targeting Citibank customers.
In this technique "the Address bar on the browser is spoofed, using Javascript and frames, the real address bar is suppressed and despite the HTTPS callout in the Address bar, there is no SSL padlock present in the lower corner of the browser."
References: http://www.antiphishing.org/phishing_archive/Citibank_3-31-04.htm
Open Source Vulnerability Data Base
The Open Source Vulnerability Data Base Project made an announcement today about the public availability usage of the Open Source Vulnerability Data Base.
This base intends to be " an open project to collect and distribute vulnerability information freely to everyone" .
" The OSVDB collects vulnerability data on every type of computer software and
operating system. Like other open-source projects, the OSVDB depends on the
wide expertise of its contributors to provide dependable information on many
technologies and security problems. The project's open-source license makes
the results freely available to users worldwide."
The project can be found at http://www.osvdb.org
Pretty calm day today...

Tomorrow is April 1st. Be careful about what you read...
-------------------------------

Pedro Bueno (bueno_AT_ieee.org)
I will be teaching next: Defending Web Applications Security Essentials - SANS Munich July 2019

Johannes

3537 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!