lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: PerrymonJ at bek.com (Perrymon, Josh L.) Subject: RE: new outbreak warning - Bagle What am I missing about this worm? How many companies allow *.exe attachments @ the perimeter? Then allow 6777 outbound. I'm speculating that small shops / home users are the largest targets. But *shouldn't* enterprise solutions stop this. Say that a remote user with no desktop firewall and old defs got infected... THEN--- the user connects to the core switch.. It's only going to spread with the emails collected off the HD right? Because it doesn't exploit another *wndoze vuln it has an .exe payload...? -JP -----Original Message----- From: Gadi Evron [mailto:ge@...tistical.reprehensible.net] Sent: Sunday, January 18, 2004 11:01 PM To: bugtraq@...urityfocus.com Cc: full-disclosure@...ts.netsys.com Subject: new outbreak warning - Bagle This possible worm outbreak warning was received on TH-Research (The Trojan Horses Research Mailing List) from Moosoft Development (www.moosoft.com) a few hours ago. AV and AT firms have had a few hours to update their databases. Info can be found only on Kaspersky's web page, so far: http://www.viruslist.com/eng/alert.html?id=783050 Let's hope it is stopped before it can do too much damage! This email comes and an heads-up and FYI so you can take measures to stop it. Gadi Evron The Trojan Horses Research Mailing List - http://ecompute.org/th-list
Powered by blists - more mailing lists