Randy's Blog on Infosec and Other Stuff Follow @randyfsmith
« Zero information on zero ... | Microsoft publishes advis... »
Sat, 20 May 2006 15:30:04 GMT
Bad news: The back door door does actively connect back to a malicious website (apparently a server in the 3322.org domain) and accepts commands.
Good news: It appears that most AV vendors have succedded in getting a signature out.
The SANS Internet Storm Center is doing a good job keeping up to date on this.
See http://isc.sans.org/diary.php?storyid=1346.
email this • digg • reddit • dzone comments (0) • references (0)
Related: Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online 5 Indicators of Endpoint Evil Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond
Comments disabled
powered by Bloget™