Educause Security Discussion mailing list archives
Re: Bagle.j out -- So is MyDoom.G
From: James Moore <jhmfa () RIT EDU>
Date: Tue, 2 Mar 2004 18:06:31 -0500
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.g@mm. html Also for an interesting analysis see: http://www.norman.com/press_release/2004_mar_01.shtml - text strings in the worms suggest the theory that this is a turf war of virus writers. Either that, or maybe something to draw our attention away from the criminal aspects, like the keyloggers and the scanning for financial sites. Jim - - - Jim Moore, CISSP, IAM Information Security Officer Rochester Institute of Technology 13 Lomb Memorial Drive Rochester, NY 14623-5603 Office: 585-475-5406 Fax: 585-475-7950 "In cases of defence 'tis best to weigh the enemy more mighty than he seems" - William Shakespeare (Henry V, Act 2, Scene 4) -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Theresa Semmens Sent: Tuesday, March 02, 2004 6:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Bagle.j out Just a heads up, we are seeing the variant Bagle.j. This is the link. http://vil.nai.com/vil/content/v_101071.htm From what I can see there is no extra.dat out yet. I may be wrong. Theresa Semmens, CISA NDSU IT Security Officer North Dakota State University Fargo, ND 58101 701.231.5870 Theresa.Semmens () ndsu nodak edu Happiness comes through doors you didn't know you left open. This electronic mail message may contain privileged and confidential information. If the reader is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any use, disclosure, dissemination, distribution, or copying of this communication and any attached files may be strictly prohibited. If you have received this communication in error, please immediately notify Information Technology Services contact by telephone at 701-231-5870, or by reply e-mail, and permanently delete the message from your system. Receipt by anyone other than the intended recipient is not a waiver of any privilege or immunity. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Bagle.j out -- So is MyDoom.G James Moore (Mar 02)