Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-disclosure] Virus infections

from [Paul Craig] Network Security [Permanent Link]
Subject: RE: [Full-disclosure] Virus infections
Date: Thu, 24 Nov 2005 10:39:49 +1300 
The CIA thinks I have been going to illegal websites? What the?

The worm is packed with upx, with the section names changed. I unpacked the
exe and rebuilt the iat, if you want to grab a copy to analyze, get it from
www.pimp-industries.com/nasty.bin

I wonder how many old hippies have fallen for the old "dude, the CIA are
after you" line.




Paul Craig
Security Consultant
Security-Assessment.com

 


CONFIDENTIALITY NOTICE: 

This message and any attachment(s) are confidential and proprietary. They
may also be privileged or otherwise protected from disclosure. If you are
not the intended recipient, advise the sender and delete this message and
any attachment from your system. If you are not the intended recipient, you
are not authorised to use or copy this message or attachment or disclose the
contents to any other person. Views expressed are not necessarily endorsed
by Security-Assessment.com Limited. Please note that this communication does
not designate an information system for the purposes of the New Zealand
Electronic Transactions Act 2003. 


-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of pingywon
Sent: Thursday, 24 November 2005 8:04 a.m.
To: Geo.; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Virus infections

yes indeed this Sober virus is ramping up pretty quick.

Alot of my clients have called me today asking about emails they have 
received.

Here is all the latest info on it.

http://vil.mcafeesecurity.com/vil/content/v_137072.htm

~pingywon MCSE




----- Original Message ----- 
From: "Geo." <geoincidents@nls.net>
To: <full-disclosure@lists.grok.org.uk>
Sent: Wednesday, November 23, 2005 12:14 PM
Subject: [Full-disclosure] Virus infections




I'm getting swamped by virus infected emails here that seem to be coming
from lots of secure networks. For example

he2xmail.freddiemac.com
 4.21.132.137

has sent me hundreds of infected emails today. Anyone else seeing
compromises on financial or otherwise secure networks? This sober-u thing
seems to still be picking up speed.

Geo.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Hacking Boot camps!, senator . crabgrass
Next by Date:  Re: [Full-disclosure] Hacking Boot camps!, Dude VanWinkle
Previous by Thread:  Re: [Full-disclosure] Virus infections, pingywon
Next by Thread:  RE: [Full-disclosure] Virus infections, Debasis Mohanty
Indexes:  [Date] [Thread] [Top] [All Lists]