|
From: Steven Kaeser <steve.nul> Date: Fri, 5 Mar 2004 09:12:01 -0500 Fwd Date: Fri, 05 Mar 2004 10:10:06 -0500 Subject: Re: New Virus Threat - Kaeser >From: Terry Groff <terry.nul> >To: <ufoupdates.nul> >Date: Thu, 4 Mar 2004 15:39:39 -0600 >Subject: Re: New Virus Threat >>From: Dan Bright <ufo.nul> >>To: ufoupdates.nul >>Date: Thu, 04 Mar 2004 18:43:55 -0000 >>Subject: New Virus Threat >>Listers, >>Beware. >>I today received the "Bagle.K" virus/worm, which went un- >>detected by both the anti-virus defences on my host server and >>my local machine. Luckily I suspected this was indeed a virus, >>and therefore the security of my system was not compromised. >>However, this particular event serves to highlight just how >>insidious these viruses are becoming. <snip> >I have received several of these in the last couple of days. >Fortunately I could tell immediately that they were bogus >because they came from a nonexistent email address from my own >mail server. I don't have a "support_at_terrygroff.com". Plus >MailWasher allows me to view the text and headers before I >actually DL it to my PC. The .zip file is password protected to prevent many AV products from scanning it. This relies on the 'dumb human' to open the email, save the attached .zip, open it, and then enter a password to access the infector file. If run, the system will likely not be able to scan it as it loads into memory and you're infected. The Bagle variants are part of the cyber war going on between two anonymous groups, who are compeition with each other, and this past week has been a real mess for those of us who support AV deployment. Steve
[ Next Message | Previous Message | This Day's Messages ]
This Month's Index |
UFO UpDates - Toronto - Operated by Errol Bruce-Knapp