Berkeley CSUA MOTD:Entry 36354
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/28 [General] UID:1000 Activity:popular
5/28    

2005/2/21-22 [Computer/SW/Security] UID:36354 Activity:kinda low
2/21    I just got a PayPal spam mail asking me to confirm my PayPal account.
        It says to go here: http://202.108.69.147/webscr which obviously is
        a fraud, but omg it looks 100% authentic and everything looks exactly
        like PayPal. I'm very impressed at scammers and their sophistications.
        \_ Yeah, it's downright eerie how people can use HTML to fake other
           sites.
            \_ try logging in with a wrong password, then a right password.
               See what happens? It's not trivial. Make sure to change your
               password to something new after this experiment.
               \_ Yeah, it's downright eerie how people can use HTML and
                  basic perl to fake other sites.
        \_ Have some fun with it with a browser running in a vmware session,
           fake username/password, and some basic xss exploits.  Dump the
           whole session into ethereal, and if you're not concerned about
           engaging in wire fraud and other illegal stuff, for bonus points
           see what hilarious vulnerabilities you can find on their box and
           on others they run.  -John
           \_ Yeah.  I found a list of ATM numbers and PINs and CC numbers on
              one site.
ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/05/28 [General] UID:1000 Activity:popular
5/28    

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil
8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
Cache (428 bytes)
202.108.69.147/webscr -> 202.108.69.147/webscr/
Up | Log In | Help Welcome Send Money Request Money Merchant Tools Auction Tools Member Log In Secure Log in Registered users log in here. Be sure to protect your pas sword. Email Address: Password: Forget your password? New users sign up here! It only takes a minute. Log In About | Accounts | Fees | Privacy | Security Center | User Agreement | Developers | Referrals | Shops Copyright 1999-2004 PayPal. All rights reserved.