January 28th, 2004, 09:19 PM
I can't seen to get my hands on the new def's either, keep getting the "your up to date message".
:confused:
[/edit]
If anyone feels lucky, Symantec just posted Beta def's for the new...
January 28th, 2004, 09:03 PM
Symantec just posted some info on it Tebob1, check it out here.
They say the defs of January 28, 2004 will detect it, but they don't seem to mention how it will be detected. :confused:
...
January 28th, 2004, 08:36 PM
If you were previously subscribed to the CERT Advisory mailing list, you don't have to re-subscribe.
Cheers:
January 28th, 2004, 06:56 PM
Looks like the first variant is on it's way. I just received this from Symantec.
DING....round two. :p
Cheers:
January 28th, 2004, 03:48 PM
Just to add to what Tiger said, this quote is from the Symantec site.
Now while it does say "may be spoofed", history teaches us that the new crop of viruses making the rounds use this...
January 27th, 2004, 11:18 PM
Since midnight last night to right now, I have quarantined or block just under 2000 copies, not all that many when I compare it to Klez when it first started.
Cheers:
January 27th, 2004, 08:33 PM
Already posted above Chief ;)
January 27th, 2004, 06:55 PM
MessageLabs first contact was from Russia.
MessageLabs
By the way, a removal tool has just been posted by Symantec.
TOOL
January 27th, 2004, 06:13 PM
I suspect this is the contents of the zip file before the virus is stripped away.
Cheers:
January 27th, 2004, 05:47 PM
Tiger, are you saying that the virus dropped VNC on to the system?
Cheers:
January 27th, 2004, 05:03 PM
I think that's what I said :confused:
Cheers:
January 27th, 2004, 04:40 PM
Symantec does mention that it will bypass .edu accounts, but the McAfee writeup does not say anything about it. I don't think everybody has all the info. on this puppy yet, hell I don't even think...
January 26th, 2004, 10:57 PM
Symantec just issued a new Category 3 Virus alert. The name of the virus is W32.Novarg.A@mm and while the information on it is a little thin, you can read about it here:
...