Re : And now about phishing...
Hi, thanks for sharing this phishing technique . but it can be handle easily in email server . RegardsDeepak Singhal From: "Dusan Stojicevic" MailId : [68261406]To: "ua-discuss" Subject: [UA-discuss] And now about phishing...Date: 19 Apr 2017 12:24:34 AM Interesting and possible> https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/ Cheers, Dusan Virus-free. www.avast.com Do not Remove:[HID]20170419002433157[-HID] [XGENFOOTER] [-XGENFOOTER]
A different, but related, security risk is malicious homoglyphs in source code. In languages like Go (which directly supports Unicode strings), the source code could contain confusable strings leading to exploits (for instance, substituting a legitimate code library with a malicious one that has a look-alike name). Here is a library in Go that does source-code scans for confusables: https://github.com/NebulousLabs/glyphcheck satish On Wed, Apr 19, 2017 at 10:23 AM, deepak <deepak.singhal@dil.in> wrote:
Hi,
thanks for sharing this phishing technique . but it can be handle easily in email server .
Regards Deepak Singhal
------------------------------ *From:* "Dusan Stojicevic" <dusan@dukes.in.rs> MailId : [68261406] *To:* "ua-discuss" <UA-discuss@icann.org> *Subject: *[UA-discuss] And now about phishing... *Date:* 19 Apr 2017 12:24:34 AM
Interesting and possible>
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/
Cheers,
Dusan
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> Do not Remove: [HID]20170419002433157[-HID]
[XGENFOOTER]
[-XGENFOOTER]
Another one on the issue… getting more and more media attention, it seems… https://www.theregister.co.uk/2017/04/18/homograph_attack_again/ Cheers, Dusan From: sb.inapp@gmail.com [mailto:sb.inapp@gmail.com] On Behalf Of Satish Babu Sent: Wednesday, April 19, 2017 7:07 AM To: deepak <deepak.singhal@dil.in> Cc: `dusan stojicevic` <dusan@dukes.in.rs>; `ua-discuss` <ua-discuss@icann.org> Subject: Re: [UA-discuss] Re : And now about phishing... A different, but related, security risk is malicious homoglyphs in source code. In languages like Go (which directly supports Unicode strings), the source code could contain confusable strings leading to exploits (for instance, substituting a legitimate code library with a malicious one that has a look-alike name). Here is a library in Go that does source-code scans for confusables: https://github.com/NebulousLabs/glyphcheck satish On Wed, Apr 19, 2017 at 10:23 AM, deepak <deepak.singhal@dil.in <mailto:deepak.singhal@dil.in> > wrote: Hi, thanks for sharing this phishing technique . but it can be handle easily in email server . Regards Deepak Singhal _____ From: "Dusan Stojicevic" <dusan@dukes.in.rs <mailto:dusan@dukes.in.rs> > MailId : [68261406] To: "ua-discuss" <UA-discuss@icann.org <mailto:UA-discuss@icann.org> > Subject: [UA-discuss] And now about phishing... Date: 19 Apr 2017 12:24:34 AM Interesting and possible> https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/ Cheers, Dusan <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> Virus-free. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> www.avast.com Do not Remove: [HID]20170419002433157[-HID] [XGENFOOTER] [-XGENFOOTER] --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
What does “easily” mean? A record in your blacklist? From: <ua-discuss-bounces@icann.org> on behalf of deepak <deepak.singhal@dil.in> Date: Wednesday, April 19, 2017 at 12:53 AM To: Dusan Stojicevic <dusan@dukes.in.rs>, "UA-discuss@icann.org" <ua-discuss@icann.org> Subject: [EXTERNAL] [UA-discuss] Re : And now about phishing... Hi, thanks for sharing this phishing technique . but it can be handle easily in email server . Regards Deepak Singhal ________________________________ From: "Dusan Stojicevic" <dusan@dukes.in.rs> MailId : [68261406] To: "ua-discuss" <UA-discuss@icann.org> Subject: [UA-discuss] And now about phishing... Date: 19 Apr 2017 12:24:34 AM Interesting and possible> https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/ Cheers, Dusan [mage removed by sender.]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaig...> Do not Remove: [HID]20170419002433157[-HID] [XGENFOOTER] [-XGENFOOTER]
participants (4)
-
deepak -
Dusan Stojicevic -
Satish Babu -
Tan Tanaka, Dennis