Thursday, April 25, 2013

firewall-wizards Digest, Vol 64, Issue 12

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: Linked-in and its Phishing-like contacts option!
(Magos?nyi ?rp?d)
2. Re: Linked-in and its Phishing-like contacts option!
(Michael D. Wood)
3. Re: Linked-in and its Phishing-like contacts option!
(Gautier . Rich)


----------------------------------------------------------------------

Message: 1
Date: Wed, 24 Apr 2013 20:40:51 +0200
From: Magos?nyi ?rp?d <mag@magwas.rulez.org>
Subject: Re: [fw-wiz] Linked-in and its Phishing-like contacts option!
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <51782733.2000308@magwas.rulez.org>
Content-Type: text/plain; charset=ISO-8859-1

On 04/23/2013 01:30 AM, Mathew Want wrote:
> Hiya all.
>
> Has anyone else noticed the option to see who else they know is
> connected on Linked-in? Have you noticed that if you click on the
> outlook button it asks you for your WORK EMAIL PASSWORD!!!!!

It's just plain bad luck. Not everyone uses outlook :)


[...]
> Am I the only one that think this is a touch negligent on the part of
> Linked-in? Or should I just accept that it is corporate facebook,
> accepts that they have the dame moral fibre and move on?
>
>

Indeed it is the corporate facebook. And it is a very good example to be
used in a security awareness pamphlet. Nice opportunity to show the
policy ("don't do that"), and the possible attack vectors associated
with it (e.g. fake linkedin phising page).
Providing your personal address book is a matter of trust between you
and LinkedIn (I personally don't have that much in any online entity as
a matter of principle).
Providing the work one is a matter of trust between your employer and
LinkedIn.

Let's make the discussion relevant here:
I guess this particular case could be yanked off with a simple url
filter on the corporate firewall.
Is there a public pattern database for these kind of URIs?

I have failed to figure out from page source how the actual address book
fetching works with a short look. I guess that would provide for smarter
ways for blocking this kind of attacks. Any good ideas?



------------------------------

Message: 2
Date: Thu, 25 Apr 2013 01:17:30 -0400
From: "Michael D. Wood" <mike@itsecuritypros.org>
Subject: Re: [fw-wiz] Linked-in and its Phishing-like contacts option!
To: "'Firewall Wizards Security Mailing List'"
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <005301ce4174$2fef8080$8fce8180$@itsecuritypros.org>
Content-Type: text/plain; charset="us-ascii"

I agree with you. LinkedIn for me is a love/hate relationship. The thing I
can't get over is the endorsements..anybody can go on there and just keep
hitting endorse, endorse, endorse..I can't see it being an option much
longer.



--

Michael D. Wood

www.itsecuritypros.org



From: firewall-wizards-bounces@listserv.icsalabs.com
[mailto:firewall-wizards-bounces@listserv.icsalabs.com] On Behalf Of Mathew
Want
Sent: Monday, April 22, 2013 7:30 PM
To: Firewall Wizards Security Mailing List
Subject: [fw-wiz] Linked-in and its Phishing-like contacts option!



Hiya all.


Has anyone else noticed the option to see who else they know is connected on
Linked-in? Have you noticed that if you click on the outlook button it asks
you for your WORK EMAIL PASSWORD!!!!!

Bloody hell! It's not like the job of getting users to not submit this
information to other sites isn't already hard enough without this!!! The
"can't put brains in pumpkins " department must be having a field day over
this.

Am I the only one that think this is a touch negligent on the part of
Linked-in? Or should I just accept that it is corporate facebook, accepts
that they have the dame moral fibre and move on?

Maybe I am expecting too much? Thoughts?

--

Regards,
M@

--
"Some things are eternal by nature,
others by consequence"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20130425/b4835d4b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6087 bytes
Desc: not available
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20130425/b4835d4b/attachment-0001.bin>

------------------------------

Message: 3
Date: Wed, 24 Apr 2013 19:26:01 +0000
From: "Gautier . Rich" <RGautier@drc.com>
Subject: Re: [fw-wiz] Linked-in and its Phishing-like contacts option!
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <F353AE63105F5A40926680302798F42877A33BAF@EXMB01.drc.com>
Content-Type: text/plain; charset="us-ascii"

Thoughts? I'm wondering why User Operational Security falls under the realm of Firewall Wizards.. Other than that, I'd say - They're not alone by any stretch of the imagination, and plenty of users seem to be perfectly willing to accept the risk (or be unaware of it). However, not much you can do on the firewall side other than turning off webmail access...

Richard Gautier, CISSP
Enterprise Architect, Federal Group
[drc-logo]
650 Massachusetts Avenue NW
Suite 510
Washington, DC 20001
Office: (571) 226-8828 | Cell: (703) 231-2156
rgautier@drc.com<mailto:rgautier@drc.com> | www.drc.com<../../Laura%20Smart/Local%20Settings/Temporary%20Internet%20Files/Content.IE5/T1YNUA8E/www.drc.com>

From: firewall-wizards-bounces@listserv.icsalabs.com [mailto:firewall-wizards-bounces@listserv.icsalabs.com] On Behalf Of Mathew Want
Sent: Monday, April 22, 2013 7:30 PM
To: Firewall Wizards Security Mailing List
Subject: [fw-wiz] Linked-in and its Phishing-like contacts option!

Hiya all.

Has anyone else noticed the option to see who else they know is connected on Linked-in? Have you noticed that if you click on the outlook button it asks you for your WORK EMAIL PASSWORD!!!!!
Bloody hell! It's not like the job of getting users to not submit this information to other sites isn't already hard enough without this!!! The "can't put brains in pumpkins " department must be having a field day over this.
Am I the only one that think this is a touch negligent on the part of Linked-in? Or should I just accept that it is corporate facebook, accepts that they have the dame moral fibre and move on?
Maybe I am expecting too much? Thoughts?
--
Regards,
M@
--
"Some things are eternal by nature,
others by consequence"
________________________________
This electronic message transmission and any attachments that accompany it contain information from DRC(r) (Dynamics Research Corporation) or its subsidiaries, or the intended recipient, which is privileged, proprietary, business confidential, or otherwise protected from disclosure and is the exclusive property of DRC and/or the intended recipient. The information in this email is solely intended for the use of the individual or entity that is the intended recipient. If you are not the intended recipient, any use, dissemination, distribution, retention, or copying of this communication, attachments, or substance is prohibited. If you have received this electronic transmission in error, please immediately reply to the author via email that you received the message by mistake and also promptly and permanently delete this message and all copies of this email and any attachments. We thank you for your assistance and apologize for any inconvenience.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20130424/2456e8c0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3624 bytes
Desc: image001.png
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20130424/2456e8c0/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 2089 bytes
Desc: image002.png
URL: <https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20130424/2456e8c0/attachment-0001.png>

------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 64, Issue 12
************************************************

No comments:

Post a Comment