Educause Security Discussion mailing list archives
Re: PS: FirstClass installations an exploit target?
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 4 Apr 2006 14:12:29 -0400
On Tue, 04 Apr 2006 13:37:04 EDT, James H Moore said:
I should have mentioned that it carries an attachment important-details.zip which our spam/virus gateway stripped before it got to FirstClass.
Not a FirstClass issue at all, I suspect. It's one of the many worm variants that say the "Your <victim.domain> account was used to send spam", to entice you to open the .zip (which is the malware/worm payload). We can tell when a new variant has popped up that we don't have filters for, because we get stuff signed 'The vt.edu admin team' that we didn't send. ;)
Attachment:
_bin
Description:
Current thread:
- PS: FirstClass installations an exploit target? James H Moore (Apr 04)
- <Possible follow-ups>
- Re: PS: FirstClass installations an exploit target? Valdis Kletnieks (Apr 04)
- Re: PS: FirstClass installations an exploit target? Cal Frye (Apr 04)