Re: [Full-Disclosure] Joke.cpl ???

2004-10-29 Thread Raymond Dijkxhoorn
Hi! I've had five mails show up in my box just today; all of them have attachments with ".cpl" after the attachment name, i.e. "Price.cpl", "Joke.cpl" (below) http://www.f-secure.com/v-descs/bagle_at.shtml Bye, Raymond. ___ Full-Disclosure - We believe in it.

Re: [Full-Disclosure] fedora.org compromised

2004-08-11 Thread Raymond Dijkxhoorn
Hi! > The main website of the FEDORA linux distro (www.fedora.org) was compromised > and defaced yesterday by Infohacking (www.infohacking.com). > > NOTE: "Fedora is a community project dedicated to building high-quality, > 3rd party rpms, for the RedHat Linux distribution. Our goal is to facili

Re: [Full-Disclosure] VX: Old worm in new shoes (AntiQFX)

2004-06-25 Thread Raymond Dijkxhoorn
Hi! > > Same thing is with AVP, ClamV & F-Prot. > > Only Sophos detects this file as AntiQFX.F variant. > That's odd -- I had the file scanned with 22 different virus scanners > and only three (NAV, Panda and ClamAV) missed detecting it as "AntiQFX" > or something very similar... Bitdefender d

RE: [Full-Disclosure] Sasser author ( off thread post about duplicate emails )

2004-05-14 Thread Raymond Dijkxhoorn
Hi! > I have been getting a lot of emails twice. Is anyone on the list experiencing the > same problem? > > -aditya Yes, same here. Looks like someone is re-mailing them? Bye, Raymond.

Re: [Full-Disclosure] cyberwar against US ?

2004-05-14 Thread Raymond Dijkxhoorn
Hi! > > > I've read on zone-h that a group of hackers, called HAA, plans a massive > > > cyberattack against the USA. > > > Has anyone heard about that? > > Can you define US in terms of internet routing? Is there one US 'border'? > > There are networks, no US or Europe or anything on the n

Re: [Full-Disclosure] cyberwar against US ?

2004-05-14 Thread Raymond Dijkxhoorn
Hi! > I've read on zone-h that a group of hackers, called HAA, plans a massive > cyberattack against the USA. > Has anyone heard about that? Can you define US in terms of internet routing? Is there one US 'border'? There are networks, no US or Europe or anything on the net. Bye, Raymond.

Re: [Full-Disclosure] ANNOUNCE: spam research mailing list becoming public

2004-05-01 Thread Raymond Dijkxhoorn
Hi! > > The spam research mailing list was started about a month ago, holding > > the members of TH-Research (the Trojan Horses Research mailing list, > > http://ecompute.org/th-list) while we tested moving to a different > > mailing list system from MajorDomo. > There's also the Anti Spam

Re: [Full-Disclosure] New Win32 Worm regsvc32.exe offers rootkit features

2004-03-30 Thread Raymond Dijkxhoorn
Hi! > My Symantec AV Corporate Edition v 8.00.9374 > with Scan Engine - 4.1.0.15 and last updates (28/3/2004 rev.50) > does not find any worm or virus in your file (regsvc32.exe). > Maybe a new worm or a modified old worm. The Clam team has added it and it will be pushed in the next DB update:

Re: [Full-Disclosure] New Win32 Worm regsvc32.exe offers rootkit features

2004-03-30 Thread Raymond Dijkxhoorn
Hi! > My girlfriend got a new? worm on her win2k desktop. > The worm is quite aggressive in spreading, netstat -a did not find an > end, I expect it to be a phatbot/agobot4 fork. > Seems like it invaded on port 1025, I don't know which services were > offered there, but I saw several connections to p

Re: [Full-Disclosure] Status

2004-01-26 Thread Raymond Dijkxhoorn
Hi! > McAfee 4.2.60/20040126 found nothing They have an extra dat for this. > NOD32 1.607/20040126 found nothing > Norton 8.0/20040123 found nothing > Panda 7.02.00/20040126154414 found nothing > Sophos 3.77/20040126 found nothing > TrendMicro 1.00/20040126 found [WORM_MIMAIL.R] F-prot: W32/[EMA

Re: [Full-Disclosure] Implications of outsourcing email

2003-12-08 Thread Raymond Dijkxhoorn
Hi! > > But they could provide some legit forward DNS pointers so it LOOKS > > legit. That's not too much to ask, is it? > > Forward pointers, or PTR pointers? And you'll note that "provide pointers > so it looks legit" is a *lot* different than "funnel through the mail server". If you make l

Re: [Full-Disclosure] Implications of outsourcing email

2003-12-08 Thread Raymond Dijkxhoorn
Hi! > > Question: Why don't more companies do this to authenticate their commercial > > opt-in email > > Chicken. Egg. > > Not enough companies do that to make it worth checking for. For that matter, > even at this site our outbound mail doesn't emit from anything that our MX > points at (

Re: [Full-Disclosure] Anyone know of a application that will decode a SIP VoIP conversa tion?

2003-10-08 Thread Raymond Dijkxhoorn
Hi! > Internet without encryption and I'd like to be able to show them how > insecure this is. I'd like to be able to provide them with some proof by > sniffing their conversation and replaying it as a .wav file or something. That's already possible, try etherpeek. Can spit out a nice wav file f

Re: [Full-Disclosure] new trojan

2003-09-26 Thread Raymond Dijkxhoorn
Hi! > > irc.elite-irc.net 6667 > > crystal.elite-irc.net 7000 > > darwin.elite-irc.net 6667 > > killer.elite-irc.net 6667 > > It also tries to connect outbound to fuel.pyroshells.com, dnsix.com and > > 192.168.0.1. > > irc.elite-irc.net lists the IP of fuel.pyroshells.com in their > round-robi

Re: [Full-Disclosure] Re: new openssh exploit in the wild! * is FAKE AS SH@!*

2003-09-19 Thread Raymond Dijkxhoorn
Hi! > >> > I looked at this piece of exploit... it is binary so I'm not sure if > >> > this is a trojan or a backdoor or a virus. But I can't see anything > >> > strange while sniffing the exploit traffic. And I got root on several > >> > of my openbsd boxes with that. The bruteforcer seems t

Re: [Full-Disclosure] dcom2_scanner v1.1

2003-09-18 Thread Raymond Dijkxhoorn
Hi! > Lots of people gave me useful feedback on my Unix based MS DCOM DCE RPC > scanner. I've updated it based on their suggestions. This version has > better OS detection, recognizes 9x/me systems as immune, better support for > NT, and better detection of systems with DCOM disabled. > >