Punycode is being used for phishing attacks on Office 365 users.


Researchers at Avanan have discovered a new malicious campaign aimed at stealing Office 365 credentials. To bypass Office 365's anti-phishing filters, the attackers use Punycode, a standardized method of converting sequences of Unicode characters into ACE sequences that consist only of alphanumeric characters, as permitted in domain names. Punycode was designed to convert domain names unambiguously into a sequence of ASCII characters.

Punycode has been used for phishing attacks before, but in a different form. The user was induced to click a link that looks legitimate at first glance but actually leads to an entirely different address. This effect is achieved by using letters from other alphabets that look like Latin ones. For example, a click on http://www.pаypal.com can take the victim to http://www.xn--pypal-4ve.com.

However, the goal of the new attacks is to deceive not the user but the anti-phishing filters and other protective systems. The attackers send e-mails that purport to come from FedEx, and the messages contain links that look safe at first glance (see the illustration at the top). A gap in the anti-phishing protection makes it possible to fool Office 365: although Office 365's filters see nothing suspicious, the browser follows the malicious link.


The point is that by default Office 365 treats domains as pure ASCII. The experts give a simple example: the domain xn--sicherheit-schlsseldienst-twc.de, taken as pure ASCII, is identified as , that is, it supposedly belongs to a clean German IP address in Berlin. Office 365's filters will let such a link through without noticing the trick. In reality, if the user clicks the link, the browser converts the address to Unicode and the result is sicherheit-schlüsseldienst.de. That domain is tied to a different IP address ( in Ireland), and the link leads to a fake Office 365 login page.
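The mismatch described above can be closed on the filtering side by normalising every link host to both its ACE and its Unicode form before any reputation lookup. The following is an added example, not code from Avanan or from the original article; the function names, the sample message and `www.example.com` are assumptions made for illustration.

```python
import re
import unicodedata
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def to_unicode(label):
    """Decode one ACE (xn--) label; raw Punycode only, no IDNA validation."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed ACE label: treated as plain ASCII
    return label

def to_ace(label):
    """Encode a non-ASCII label to its xn-- form; ASCII labels pass through."""
    if label.isascii():
        return label
    return "xn--" + label.encode("punycode").decode("ascii")

def letter_scripts(text):
    """Scripts of the letters in text, read from Unicode character names."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in text if c.isalpha()}

def inspect_links(body):
    """Report every link whose host differs between its ASCII and Unicode forms."""
    findings = []
    for url in URL_RE.findall(body):
        labels = (urlsplit(url).hostname or "").split(".")
        uni = [to_unicode(l) for l in labels]
        ace = [to_ace(l) for l in labels]
        if uni == ace:
            continue  # plain ASCII host, nothing to normalise
        findings.append({
            "ace": ".".join(ace),      # form an ASCII-only filter evaluates
            "unicode": ".".join(uni),  # Unicode form the name decodes to
            "mixed_script": any(len(letter_scripts(l)) > 1 for l in uni),
        })
    return findings

# Constructed sample message; the two xn-- hosts are the ones quoted in the article.
SAMPLE = (
    "Your FedEx parcel: http://xn--sicherheit-schlsseldienst-twc.de/track\n"
    "Account notice: http://www.xn--pypal-4ve.com/login\n"
    "Help: https://www.example.com/help\n"
)
```

The German host decodes to a single-script name, so a mixed-script homograph check alone would not flag it; the useful output is the pair of forms, both of which should be checked against reputation data.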


The researchers note that this malicious campaign targets Office 365 business users exclusively; even the phishing page that victims land on asks for the credentials of a Business Email account.

Source: xakep.ru

