(OT) Google: "Somebody knows your password"

Xen list at xenhideout.nl
Fri Aug 4 13:00:02 UTC 2017


Volker Wysk schreef op 04-08-2017 14:53:
> Am Freitag, 4. August 2017, 17:51:47 CEST schrieb Joel Rees:
>> Well, if the OP is the target of an orchestrated attack, the poisoning
>> could actually be on another machine, maybe in the LAN or even in the 
>> ISPs
>> network. That's the reason for all the talk about https, but you 
>> should
>> still be careful.
> 
> I couldn't find a definition of "orchestrated attack" on the web. From
> what I've
> read, an "orchestrated attack" is an attack that involves multiple
> (compromised) machines. Correct?

He meant that the fishing attack would be preceded by a "set up" in 
which some infrastructure would be in place to facilitate the wider 
attack.

For example sometimes certificate authorities are compromised and used 
to issue valid certificates for domains such as google.com or 
accounts.google.com, which the certificate structure should prevent.




More information about the ubuntu-users mailing list