If you've been following the news about Zotob, IRCBot, Bozori, and the other families of worms to attack the recent Plug-and-Play vulnerability (MS05-039), you know that another worm war has begun between the latter two worm families and Zotob, which so far is not “fighting back” with a new...
Early news reports indicate that the group most affected (or at least most publicly affected) by the IRCBot is the media. Brian Krebs at The Washington Post reports : ABC News had an extensive outage today due to infections from Zotob or one of its variants [most probably IRCBot, which is also known...
Before I head off to bed, I just want to give a very quick update on the “Anti-Santy” worm I have discussed previously in a post , as well as a follow-up . We now have a name to this worm - Asan - and information that its spread seems to be slowing from already limited levels. The good folks...
I'd like to give you all a quick-update on the phpBB worm that targets the vulnerability used by Santy and patches it I reported yesterday. Although it still lacks a name, and little is actually known about it, the media is beginning to report on it. From ZDNet (underlining for emphasis on new details...
BREAKING NEWS: Symantec Upgrades Sasser.B to HIGH (4) Symantec has just upgraded Sasser.B to a HIGH risk (4). This is due to increased spread. The worm, which appeared yesterday, has now achieved higher spread than the original, according to Symantec. http://www.sarc.com/avcenter/venc/data/w32.sasser...
Posted to
Security Manifest
(Weblog)
by
trafton
on
05-02-2004
Filed under: VIRUSES, SECURITY, FOLLOW-UPS, Viruses (Medium), Viruses (Urgent), Viruses (Very Urgent)
BREAKING NEWS: Sasser.B Spreading Quickly Most companies are now calling W32/Sasser.worm.b Medium risk. This reflects increased spread. The worm, which debuted yesterday, is not all that different from the original. The main indication of difference is the prescence of a “2“ at the end of the file name...
Follow-Up: Apparently Low Risk; Little Innovation Trend Micro has updated their description of the .B version of W32/Sasser.worm. The good news is that this latest variant does not appear to be spreading at a significant rate. The bad news is that this could change. The main change is that the file name...
Follow-Up: Weekend Debut Likely Hurt Spread Rates For some of the most spin-free and interesting semi-technical coverage of virus incidents, I highly recommend F-Secure's Developers Web Log, an ingenious and frequently updated project that started during the MyDoom pandemic. Today, F-Secure's Mikko Hyppönen...
Good news on the Zotob front. McAfee has lowered the risk to Medium. Correspondingly, it is now considered a moderate outbreak.