|
Port 1070
We received a report that there is an increase scan on port 1070. If you see any unusual activities or have any sample logs, please let us know. http://isc.sans.org/port_details.html?port=1070 Dumaru Worm There is a new variant of worm that sends an attachment as a zip file which contains the worm executable, myphoto.jpg<56 spaces>.exe. On infected system, it may open a backdoor on port 10000 which allow the attacker to connect and perform malicious actions. If you have a copy of the worm, please let us know. http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru.y@mm.html http://www.f-secure.com/v-descs/dumaru_y.shtml http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_DUMARU.Y http://www.messagelabs.com/viruseye/info/default.asp?frompage=threats+list&fromURL=%2Fviruseye%2Fthreats%2Flist%2Fdefault%2Easp&virusname=W32%2FDumaru%2EY%2Dmm Email Disguised as Microsoft Patch We also received a report on an email disguising as Microsoft Security Patch. According to Microsoft, they will not send patches via email. If you receive such emails, be wary as most likely it is attempting to trick you to execute some malware. |
Kevin 32 Posts Jan 24th 2004 |
| Thread locked Subscribe |
Jan 24th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
