April 26th, 2004, 02:47 PM
Ok.. here is what happened:
On different infected machines we found three different worms:
April 16th, 2004, 04:39 PM
Yesterday we noticed some strange traffic from some internal machines
trying to contact Japan IP addresses on the port 54875 like 300 times a
second. We left the office without worrying too...
March 5th, 2004, 04:47 PM
Well.. that was fast but I'm not talking about Suffixes and Prefixes .. I meant the NAME of the virus. Like Mydoom, Beagle or Netsky... what determines the choice of those names?
March 5th, 2004, 04:41 PM
Could someone explain to me how the AV companies determine the name of a new virus they find?
February 18th, 2004, 05:36 PM
Is it just me or...
the last update is february 17 for both liveupdate and intelligent updater...
February 18th, 2004, 05:12 PM
Any signature file for snort yet?
Any signature file for anti virus yet?
Any removal tool yet?
February 17th, 2004, 06:03 PM
Here is what i'm talking about:
Symantec (Alua): http://firstname.lastname@example.org
February 17th, 2004, 04:57 PM
Symantec calls it "Alua" and some others call it "Bagle.B" ...
The source code I mean, the code of the php file, I want to know if it is dangerous to visit this link if I'm not infected.
February 17th, 2004, 04:28 PM
Anyone got hit by this new virus yet?
Any deep informations about it would be greatly appreciated! Do you know what is the source code of the .php files it tries to execute on the websites?...
January 27th, 2004, 06:46 PM
Well that is weird because in most cases I can see the zip files with the infected file removed. Normally we can open the zip and see that nothing is inside and its size is 0k.
Any other idea...
January 27th, 2004, 05:40 PM
We got eSAFE installed and running fine, removing every attachment which contains a zip, exe, bat, and so on...
But here is what we see when eSAFE removes a ZIP attachment containing a...