We've had three machines across multiple sites come up
with the backdoor.coreflood trojan today. NAV caught
them all, but I'm wondering how it got in. We block
.exe attachments.
It's my understanding that this thing doesn't
propagate itself. One instance I can understand, but
three seemingly unrelated infections are puzzling.
Is anyone else seeing this, or have any ideas?
Reid
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
------------------------------------------------------------------------
----
with the backdoor.coreflood trojan today. NAV caught
them all, but I'm wondering how it got in. We block
.exe attachments.
It's my understanding that this thing doesn't
propagate itself. One instance I can understand, but
three seemingly unrelated infections are puzzling.
Is anyone else seeing this, or have any ideas?
Reid
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
------------------------------------------------------------------------
----
[ reply ]