Re: [Full-disclosure] Virus infections

From: pingywon (pingywon_at_hotmail.com)
Date: 11/23/05

  • Next message: Koen Van Impe: "Re: [Full-disclosure] Hacking Boot camps!" 
    To: "Geo." <geoincidents@nls.net>, <full-disclosure@lists.grok.org.uk>
Date: Wed, 23 Nov 2005 14:03:35 -0500

    yes indeed this Sober virus is ramping up pretty quick.

    Alot of my clients have called me today asking about emails they have
    received.

    Here is all the latest info on it.

    http://vil.mcafeesecurity.com/vil/content/v_137072.htm

    ~pingywon MCSE

    ----- Original Message -----
    From: "Geo." <geoincidents@nls.net>
    To: <full-disclosure@lists.grok.org.uk>
    Sent: Wednesday, November 23, 2005 12:14 PM
    Subject: [Full-disclosure] Virus infections

    >
    > I'm getting swamped by virus infected emails here that seem to be coming
    > from lots of secure networks. For example
    >
    > he2xmail.freddiemac.com
    > 4.21.132.137
    >
    > has sent me hundreds of infected emails today. Anyone else seeing
    > compromises on financial or otherwise secure networks? This sober-u thing
    > seems to still be picking up speed.
    >
    > Geo.
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    > Hosted and sponsored by Secunia - http://secunia.com/
    >
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: Koen Van Impe: "Re: [Full-disclosure] Hacking Boot camps!"

    Relevant Pages

    • Re: The Myth of the secure Mac
      ... The newest variants of the Bagle family of worms were detected this morning and are designed to avoid signature-based detection, leaving many antivirus companies scrambling to respond by producing signature updates. ... So far, ESET has identified more than 13,700 emails with Win32/Bagle.DC and 2,400 emails containing Win32/Bagle.DD and the number is quickly growing. ... "Because of the speed at which new variants are proliferated through botnets, even the most rapid response from a reactive signature update is insufficient," said Andrew Lee, CTO of ESET. ... ESET's Virus Radar, a real-time malware tracking tool, immediately identified these malicious Bagle variant using ThreatSense. ...
      (comp.sys.mac.advocacy)
    • Re: The Myth of the secure Mac
      ... The newest variants of the Bagle family of worms were detected this morning and are designed to avoid signature-based detection, leaving many antivirus companies scrambling to respond by producing signature updates. ... So far, ESET has identified more than 13,700 emails with Win32/Bagle.DC and 2,400 emails containing Win32/Bagle.DD and the number is quickly growing. ... "Because of the speed at which new variants are proliferated through botnets, even the most rapid response from a reactive signature update is insufficient," said Andrew Lee, CTO of ESET. ... ESET's Virus Radar, a real-time malware tracking tool, immediately identified these malicious Bagle variant using ThreatSense. ...
      (comp.sys.mac.advocacy)
    • Re: Outlook 2000 Inbox appears empty but isnt!
      ... Many Thanks for your advice/prompt response. ... He suggested that the "Outlook Today" ... >the (insert latest virus name here) virus, ... No summary of emails listed!). ...
      (microsoft.public.outlook)
    • Re: I keep getting mass email from MS security with a virus attached
      ... to lock down broadband PC's when someone is sending emails ... got to go filter those emails now. ... >by a virus that downloaded a proxy server that allows ... >> Microsoft but the attachment is a virus. ...
      (microsoft.public.security.virus)
    • Re: Event Viewer error
      ... All our emails are scanned by Norton Antivirus before sending ... Please advise any virus that gets through ... 256 kilobyte secondary memory cache ...
      (microsoft.public.windowsxp.general)