Comments on Jeremiah Grossman: Intranet Hacking attacks found in the Wild

Feed updated: 2024-02-08T03:44:23.780-08:00

Eduardo, 2008-01-31T18:08:00.000-08:00

Funny thing, yesterday I was following the note on "drive by pharming attacks in the wild" in Google and found your blog. Later, at home, I started reading the new issue of IEEE's "Privacy & security" magazine and I found an article, and somewhere in the text I read the name Jeremiah Grossman, so I recalled having read your blog a few hours before.

BTW I was following the note because I work at the UNAM-CERT and we found the so-called "first drive-by-pharming in the wild" attack.

Greets,
Eduardo.

Anonymous, 2008-01-27T03:59:00.000-08:00

Old, no news here for me.

Anonymous, 2008-01-25T10:21:00.000-08:00

Hi Jeremiah!

This was seen as early as the 10th or 11th of this month.

The email that was used in this attack also had a malcode attached, using some then-current news in Mexico about some narco operator.

More information here:

http://blog.trendmicro.com/targeted-attack-in-mexico-dns-poisoning-via-modems/

I hope this helps!

Jeremiah Grossman, 2008-01-24T08:38:00.000-08:00

@Javier, thank you very much for the correction. MUCH better data.

Mindfuzzer, 2008-01-23T19:03:00.000-08:00

Here in Mexico we have been blogging about this issue for almost a year now (myself, the UNAM-CERT, et al.).

Just to correct some facts: the issue is not that the DSL router doesn't have a password. The issue is that, because of a vulnerability, the 2Wire router (this is the router that the biggest DSL provider in Mexico deploys) has a "hole" the size of a "whole galaxy" that allows anyone to configure the router even if it is password protected.

This is a really nasty bug and one that is exposing a couple of hundred thousand if not millions of users in this country.