More agobot/phatbot/polybot variants
We've received e-mail today of several sites reporting infections of machines that are apparently current on patches and running current anti-virus signatures that have been infected with what appear to be agobot/phatbot/polybot variants. We're still awaiting more detailed forensic examination of the infected machines.
cPanel resetpass exploit
We also received e-mail today from an individual who has captured evidence of attempts to exploit the cPanel resetpass vulnerability described at
in order to propagate a bot of some sort.
Jim ClausingI will be teaching next: Malware Reverse-Engineering Challenge - SANS Northern VA Fall- Reston 2019
Apr 3rd 2004
1 decade ago