Re: Email based attack on University

To: debian-user@lists.debian.org
Subject: Re: Email based attack on University
From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
Date: Thu, 3 Oct 2019 20:23:20 +1000
Message-id: <[🔎] 9cfae1b9-ddab-06d3-3212-c973644450b6@affinityvision.com.au>
In-reply-to: <[🔎] abe6bd35-d6ea-d760-80f6-257ba6983e99@gmail.com>
References: <[🔎] dc2186e3-138a-ba0e-3243-fd7766b24db2@gmail.com> <[🔎] 54ee1ddd-6324-4f70-8517-942c4a8e63aa@www.fastmail.com> <[🔎] 20191002124111.GA14534@smallapple.localnet> <[🔎] qn2lqs$qjo$1@blaine.gmane.org> <[🔎] 02102019195319.d6e6601d48d9@desktop.copernicus.org.uk> <[🔎] abe6bd35-d6ea-d760-80f6-257ba6983e99@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

On 3/10/19 10:28 am, Keith Bainbridge wrote:
...

Well, given the fact that too many emails these days are HTML type;
ala web based.... they are suspect to email programs running
javascript and/or other scripting languages due to default settings.

The most likely suspect is scripting of some kind, which /may/ come in
to play to render the HTML email content when previewed.  It is also
possible that other scripting languages, particularly on Winblows will
be automatically ran during preview.

There have been numerous bugs with LookOut (otherwise known as
Outlook), running scripts and having other vulnerabilities due to
preview pane being open.  I try to encourage people NOT to have a
preview pane, but people will still do what they want even if you tell
them it is potentially dangerous.

Kind Regards
AndrewM
-----BEGIN PGP SIGNATURE-----

iHUEAREIAB0WIQTJAoMHtC6YydLfjUOoFmvLt+/i+wUCXZXMEgAKCRCoFmvLt+/i
+xAvAQC0d92aSRBieRBh5wN2v8QnCL/DSNRd4j2y447EKziTcAEAwrzXxZPca7t4
E7Wjo7mSO4hlz2fEwYYhvS0GnhWU2mc=
=7Wj4
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Email based attack on University
  - From: rhkramer@gmail.com

References:
- Email based attack on University
  - From: Keith Bainbridge <keithrbau@gmail.com>
- Re: Email based attack on University
  - From: "Jeremy Nicoll" <jn.ml.dbn.25@letterboxes.org>
- Re: Email based attack on University
  - From: Henning Follmann <hfollmann@itcfollmann.com>
- Re: Email based attack on University
  - From: deloptes <deloptes@gmail.com>
- Re: Email based attack on University
  - From: Brian <ad44@cityscape.co.uk>
- Re: Email based attack on University
  - From: Keith Bainbridge <keithrbau@gmail.com>

Prev by Date: kernel unsigned
Next by Date: Package conflict apcupsd and nut-client
Previous by thread: Re: Email based attack on University
Next by thread: Re: Email based attack on University
Index(es):
- Date
- Thread