A new worm utilizing the MS05-039 vulnerability has became a major outbreak. More coverage upcoming. Details IRCBot is a fast-spreading worm affecting systems not patched for the MS05-039 vulnerability. Infected machines will reboot frequently, as well as connect to an IRC server and await further instructions...
Posted to
Security Manifest
(Weblog)
by
trafton
on
08-16-2005
Filed under: VIRUSES, SECURITY, Security (Medium), Security (Urgent), Viruses (Medium), Viruses (Urgent), Security (Very Urgent), Viruses (Very Urgent)
A new version of the extensive and successful MyDoom worm family has appeared. Fortunately, like many recent variants, this version has got off to a slow start and is unlikely to become a major threat. Details MyDoom.CF was discovered Tuesday, June 28th, 2005. It is a standard MyDoom family member, faking...
We are currently carefully tracking developing threats centered around vulnerabilities in the Windows operating system. As the Internet Storm Center (sans.org) puts it: The holiday news continues to be bleak, with a pair of critical vulnerabilities for Windows NT/2000/2003/XP. First, unless you're running...
PERL.Santy is a worm that utilized the search engine Google in order to search for vulnerable web sites running phpBB software. phpBB 2.0.10 is affected; 2.0.11 is not. Vulnerable web sites will have this at the footer: Powered by phpBB 2.0.10 © 2001 phpBB Group Yet again, F-Secure's weblog did...
Thanks to Harry Waldron for the alert on this threat. Recently I mentioned on this blog that the Microsoft GDI+ Library JPEG Segment Length Integer Underflow vulnerability described in Microsoft Security Bulletin MS04-028 . Now we have the first example of a non-proof of concept use of this vulnerability...
Breaking News: "Ject" Downloader Exploits Unpatched Servers, IE A downloader known as Ject has been isolated in the wild and is believed to currently be affecting IIS web servers and Windows 2000 servers that have not applied update 835732, which is fully addressed in Security Bulletin MS04-011, available...
February Vulnerability Used Antivirus company Kaspersky Labs has posted a press release claiming that the Trojan Horse downloader Agent has been spammed to a moderate number of addresses using an infective .BMP form and a vulnerability discovered after a Windows source code leak in February of this year...
BREAKING NEWS: Sasser Goes Medium McAfee has just upgraded W32/Sasser.worm (which uses MS04-011) to Medium risk reflecting the amount it has spread. I personally have received a number of reports of this worm being in the wild. All users should upgrade immediately. A new Stinger detection is available...
Posted to
Security Manifest
(Weblog)
by
trafton
on
05-01-2004
Filed under: VIRUSES, SECURITY, Security (Medium), Security (Urgent), Viruses (Medium), Viruses (Urgent), Security (Very Urgent)
BREAKING NEWS: Internet Storm Center Announces Troubling New Phatbot Variant The Internet Storm Center has announced the discovery of yet another variant of the “Phatbot” family of worms. This variant appears to exploit a recent vulnerability. This would be the first worm to do so. From the diary of...