Type: Posts; User: omalakai; Keyword(s):
Search took 0.01 seconds.
June 16th, 2005, 11:58 PM
Another site where you can go to not get malware, but to get videos of the malware being installed, is the site of Ben Edelman. He's got some videos of this exact same thing: going to a web site and...
March 7th, 2005, 04:04 PM
On the blog from F-Secure, their latest post mentions a new version of this one, called Bropha.K that came out Sunday.
The link to their blog for a little more info is here.
October 19th, 2004, 07:42 AM
For me, Symantec came up and listed it as W32.Spybot.Worm. Maybe it's a new version???
March 20th, 2004, 07:03 AM
Service Pack 2 Release Candidate 1 for Win XP is out. Info and to download it is here:
February 16th, 2004, 10:57 PM
A proof-of-concept for a new IE exploit has been released. The person who found the problem used the relently leaked Windows source code to find this. You can see it here
It is a Bitmap file with a...
February 1st, 2004, 09:45 PM
SCO.COM has removed their WWW A record from DNS to stop the onslaught. Take a look at this article, just posted, on Netcraft:...
January 19th, 2004, 02:23 AM
It looks like the guy who makes CWShredder at Merijn.org has been on vacation from Jan 9 to Jan 19. So, that is probably why it does not take care of this new version.
But he is back tomorrow, I...
December 5th, 2003, 08:30 AM
Well, here is Symantec's write up of this one. It lists the REgistry key in the Run portion this spam relay trojan sets up.
Check it out.
November 21st, 2003, 08:50 PM
I will take a stab at this.
First, NMAP is now on version 3.48, so running this older version could impact the OS detection. Version 3.00 has a datestamp of July 28, 2002. So, right there, I do...
November 10th, 2003, 11:22 PM
November 8th, 2003, 12:09 AM
Here is my most embarrassing story. It is not very security related, but it is fun!
I once worked at a small long-distance phone company as a junior IT tech guy. One day, there was a power blackout...
October 28th, 2003, 03:19 AM
TH13, thanks for the warning.
I've already talked to my company's security officer, and we are gonna send out an alert on this. We have had 4 offices that had Welchia outbreaks, and I know some...
October 27th, 2003, 06:04 AM
Oh, you already reinstalled? Rats!
For future reference, here is one trick you can use. When the Default value for HKEY_CLASSES_ROOT\exefile\shell\open\command gets changed, thereby preventing any...
October 21st, 2003, 01:48 AM
Yes, Yahoo! Inc. has registered both of those domains, in addition to their real one. Here is the registrant info:
701 First Avenue Sunnyvale
September 26th, 2003, 10:47 PM
Open up the Event Viewer on any Windows NT/2K/XP/2K3 machine.
Select the System log.
The Event ID number for Net Send messages is #26, from the "Application Popup" source.
And you will see 1 popup...
September 17th, 2003, 11:14 PM
Hopefully, this information will not be abused in any way.
The K-Otik French security site has the exploit code. There are also compiled versions of the code bouncing around.
September 16th, 2003, 12:51 AM
I have been working with Tivoli Storage Manager running on Win2K for almost 2 years now. 1 year ago, we migrated from a IBM Magstar 3570 tape library (which is really a dinosaur!) to the IBM 3584...
September 11th, 2003, 08:55 PM
I started patching some "non-critical" machines last night. I checked their Event Viewer logs after the reboot, and there was nothing abnormal. Full functionality was available. I ran this on an IIS...
September 11th, 2003, 12:15 AM
CXGJarrod, you posted:
The Technet article on this one says that this situation is true, that scanners that scan for MS03-026 will not detect it being patched if you have this new patch only...
August 20th, 2003, 11:48 PM
There is a virus that is farily recent called WINPUP32.EXE that your friend might have.
It can load a trojan file on the target system. I had a user who had a problem with this.
August 20th, 2003, 11:44 PM
I had patched about 30 servers for this the last week in July. Due to the firewall settings and the patches, I have not had any problems at work.
But from a personal level, 9 people so far have...
August 20th, 2003, 03:38 AM
Win2K SP3 added the new Automatic Updates process that ships with XP.
With this version, you can currently set it to "Automatically download the updates, and install them on the schedule that I...
August 19th, 2003, 10:44 PM
Is there anything in the Event Viewer logs that relates to the failed install of these apps? You could post what the logs say.
August 19th, 2003, 04:16 AM
Symantec just upgraded W32.Welchia.Worm to a Category 4 "Due to an increase in submissions."
It exploits RPC/DCOM over port 135. Plus, the new twist to this one that I think warrants a brief...
August 12th, 2003, 05:12 AM
What is wrong with you that you have to post these meaningless statments that do nothing but demean the work we are trying to do here. This new Msblaster.EXE RPC worm is flying everywhere causing...