New Botnet?
We've received reports from .edu (Thanks!) of a massive new outbreak of bots exploiting the Symantec Client Security and Antivirus escalation of privilege vulnerability. ("new" implying the outbreak, not the vulnerability :)
More details on the vulnerability here.
We have not seen the botnet here at the ISC, but if you are having experience with it, please write in via our "Contact Us" Button, and let us know!
Update #1:
Port traffic on the Symantec Client port (2967) has drastically increased in the past few days.
Keywords:
0 comment(s)
Spam Increase
Thanks to the many readers who have written in. We have received multiple reports of a big increase in spam traffic overnight. (Heck, I've noticed it myself)
Mostly non-us based as I have noticed, and ranging from topics old and new such as Stocks, Microsoft Updates, and the nearly-famous 'Nigerean' emails.
As always make sure your users are educated as to the presence of these emails. It's generally recomended to avoid html email totally.
Good luck, and welcome back to work .us people!
Joel Esler
Mostly non-us based as I have noticed, and ranging from topics old and new such as Stocks, Microsoft Updates, and the nearly-famous 'Nigerean' emails.
As always make sure your users are educated as to the presence of these emails. It's generally recomended to avoid html email totally.
Good luck, and welcome back to work .us people!
Joel Esler
Keywords:
0 comment(s)
×
Diary Archives
Comments