Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Bagle.j out -- So is MyDoom.G

From: James Moore <jhmfa () RIT EDU>
Date: Tue, 2 Mar 2004 18:06:31 -0500
http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.g@mm.
html

Also for an interesting analysis see:
http://www.norman.com/press_release/2004_mar_01.shtml - text strings in
the worms suggest the theory that this is a turf war of virus writers.
Either that, or maybe something to draw our attention away from the
criminal aspects, like the keyloggers and the scanning for financial
sites.

Jim
- - -
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
Office: 585-475-5406
Fax: 585-475-7950 

"In cases of defence 'tis best to weigh the enemy more mighty than he
seems" - William Shakespeare (Henry V, Act 2, Scene 4)

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Theresa Semmens
Sent: Tuesday, March 02, 2004 6:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Bagle.j out


Just a heads up, we are seeing the variant Bagle.j.  This is the link.
http://vil.nai.com/vil/content/v_101071.htm  From what I can see there
is no extra.dat out yet.  I may be wrong. 

Theresa Semmens, CISA
NDSU IT Security Officer
North Dakota State University
Fargo, ND 58101
701.231.5870
Theresa.Semmens () ndsu nodak edu

Happiness comes through doors you didn't know you left open.

This electronic mail message may contain privileged and confidential
information.  If the reader is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any use, disclosure, dissemination,
distribution, or copying of this communication and any attached files
may be strictly prohibited.  If you have received this communication in
error, please immediately notify Information Technology Services contact
by telephone at 701-231-5870, or by reply e-mail, and permanently delete
the message from your system.  Receipt by anyone other than the intended
recipient is not a waiver of any privilege or immunity. 
 

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: