Self-pwned: Black Hat says soz for phishing attack scare
Looked like phish, smelled like phish, but was just a cock-up
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Black Hat conference Organisers of the annual Black Hat conference have apologised after an estimated 7,500 conference delegates received a suspicious email yesterday resembling a phishing attack.
The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on-site registrations for this week's Las Vegas conference, "pressed the wrong button" on a mail-out webform, the organisers explained.
The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure.
There are "no signs of compromise" said Trey Ford, general manager at Black Hat. Organisers acknowledged the security snafu minutes after the Sunday mail-out, diffusing any potential criticism.
Even so the incident is likely to become a candidate for the Pwnie Awards, Black Hat's answer to the Golden Raspberry Awards.
The offending email smelled a little phishy for number of reasons – not least because it came from an organisation other than Black Hat and invited action in a link supplied in an email that didn't even point to a Black Hat site. The link in the email was broken, however, so if it were a phish, it was never one that was going to work anyway.
A screenshot of the offending email, together with additional security commentary, can be found in a blog post by Paul Ducklin of Sophos here. ®
COMMENTS
Journalistic conventions.
The dodgy email, informing entrants of a supposed password reset, was sent out after a volunteer with ITN International, the third-party firm handling on-site registrations for this week's Las Vegas conference, "pressed the wrong button" on a mail-out webform, the organisers explained.
The convention in journalism is that if you put quote marks around a sentence and attribute it to someone, it should be an actual verbatim quote from the source referenced. The words "pressed the wrong button" do not appear anywhere on that page you linked to (https://www.blackhat.com/html/latestintel/07222012-USA-Reg-Email.html), and in fact the page itself makes it quite clear that, contrary to your re-interpretation of the story, it was not an accidental pressing of the wrong button, but an entirely deliberate malicious/hoax/prank action by a user with the appropriate permissions to their email broadcast system. The "wrong button" interpretation was speculation from the *other* post that you linked to, and by placing the quote in the context of the organiser's reply, you have misattributed it. I think you should fix that.
"an abuse of functionality"
Whatever next? A molestation of the OK button?
"This feature has since been removed as a precautionary measure"
I suggest you unmount the power supply, too.
Yeah, no rush to fix that.
Do you actually care or not? Are you just saying "Oh hell, it's only the Register, nobody cares about honesty or accuracy anyway"? How wrong does it have to be before you do care?
signed,
Disappointed of Tunbridge Wells.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
