lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <43DE706B.1070209@linuxbox.org>
Date: Mon, 30 Jan 2006 22:00:43 +0200
From: Gadi Evron <ge@...uxbox.org>
To: bugtraq@...urityfocus.com
Cc: "FunSec \[List\]" <funsec@...uxbox.org>,
	"full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: CME-24 (BlackWorm) Users' FAQ


This FAQ was authored by members of the TISF BlackWorm task force 
(specifically the MWP / DA groups and the SANS ISC handlers).

The purpose is both to provide with a resource for concerned users and 
network administrators, as well as to be a level-headed myth-free source 
on the subject.

There seems to be excessive media hype as well as some 
"end-of-the-world" type predictions. The end of the world is not coming 
and most of us will still be here after February 3rd, but this is a 
serious issue for those who *are* infected and we didn't manage to get to.

The FAQ can be found at:
http://isc.sans.org/blackworm
http://blogs.securiteam.org

--

"300,000 infected users worldwide is not a terribly large amount when 
compared to previous worms like Sober or Mydoom. However, with this worm 
it isn't the quantity of infected users, it is the destructive payload 
which is most concerning."
-- Joe Stewart, LURHQ (http://www.lurhq.com/blackworm-stats.html)

	Gadi.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ