[OWASP-Ireland] HTML malware

eoin.keary at ritsgroup.com eoin.keary at ritsgroup.com
Mon Feb 27 11:16:30 EST 2006


Yep,
sounds to me like a certain element of  recon/statistical gathering :0)

Thing is, do application firewalls or client side security look for 
malicious data in comments or should they?


**********************************
Eoin Keary CISSP
Senior Consultant
Rits Information Security
2052  Castle  Drive
Citywest Business Campus
Co. Dublin

Tel:  353 (01) 642 0500
Fax: 353 (01) 466 0468
Email: eoin.keary at ritsgroup.com
Web: www.ritsgroup.com
**********************************
This email contains information which may be confidential or privileged. 
The information is intended solely for the use of the individual or entity 
named above.  If you are not the intended recipient, be aware that any 
disclosure, copying, distribution or use of the contents of this 
information is prohibited.  If you have received this electronic 
transmission in error, please notify me by telephone or by electronic mail 
immediately. Any opinions expressed are those of the author, not Rits. 
This email does not constitute either offer or acceptance of any 
contractually binding agreement. Such offer or acceptance must be 
communicated in writing. 




"Tony Palmer" <tony.palmer at vordel.com>
27/02/2006 15:22

 
        To:     <eoin.keary at ritsgroup.com>
        cc: 
        Subject:        RE: [OWASP-Ireland] HTML malware


Hmm,
   Install yourself and wait for instructions. Ill bet whats in between 
the comment tags are base64 encoded execution commands, or similar. This 
is somebody setting up a zombie network possibly for sale. The number of 
hits on his site being a count of how many machines are at his disposal. 
Neat.
T
-----Original Message-----
From: owasp-ireland-admin at lists.sourceforge.net 
[mailto:owasp-ireland-admin at lists.sourceforge.net] On Behalf Of eoin.keary at ritsgroup.com
Sent: 27 February 2006 14:50
To: owasp-ireland at lists.sourceforge.net
Subject: [OWASP-Ireland] HTML malware


http://isc.sans.org/diary.php?storyid=1147 


Hi, 
Good document on some malware guys at SANS found. Raises some interesting 
ways  in which malware is going. 



**********************************
Eoin Keary CISSP
Senior Consultant
Rits Information Security
2052  Castle  Drive
Citywest Business Campus
Co. Dublin

Tel:  353 (01) 642 0500
Fax: 353 (01) 466 0468
Email: eoin.keary at ritsgroup.com
Web: www.ritsgroup.com
**********************************
This email contains information which may be confidential or privileged. 
The information is intended solely for the use of the individual or entity 
named above.  If you are not the intended recipient, be aware that any 
disclosure, copying, distribution or use of the contents of this 
information is prohibited.  If you have received this electronic 
transmission in error, please notify me by telephone or by electronic mail 
immediately. Any opinions expressed are those of the author, not Rits. 
This email does not constitute either offer or acceptance of any 
contractually binding agreement. Such offer or acceptance must be 
communicated in writing. 

This e-mail is business-confidential and may be privileged. If you are not
the intended recipient, please notify us immediately and delete it. If the
email does not relate to Vordel's business then it is neither from nor
authorized by Vordel. Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-ireland/attachments/20060227/1ab4fd68/attachment.html 


More information about the Owasp-ireland mailing list