Educause Security Discussion mailing list archives
Re: bugbear variant
From: Theresa M Rowe <rowe () OAKLAND EDU>
Date: Thu, 5 Jun 2003 16:16:29 -0400
We have been hit hard with this today. It is particularly ugly. We have Sophos at the gateway, and Norton Corporate Edition at the desktop, and the variant hit before either had an anti-virus definition available. We got definitions from Sophos at 11:30 AM and Norton at 1:30 PM. We are now doing the clean-up. While the virus seems to be stopped, it leaves behind hooker.trojan in keystroke capturing mode, and that is proving extremely difficult to clean-up. Theresa Rowe ---- Original message ----
Date: Thu, 5 Jun 2003 14:43:55 -0500 From: "Bruhn, Mark S." <mbruhn () INDIANA EDU> Subject: [SECURITY] bugbear variant To: SECURITY () LISTSERV EDUCAUSE EDU I received a phone call a short while ago from DHS,
indicating that a
new variant of Bugbear was spreading, mostly among financial institutions. That's all they told me. We haven't received
reports of
infections here at IU yet. But, information about it can be found at http://www.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.h
tml, or
probably also at your favorite AV vendor site . M. -- Mark S. Bruhn, CISSP Chief IT Security and Policy Officer Interim Director, Research and Educational Networking
Information
Sharing and Analysis Center (ren-isac () iu edu) Office of the Vice President for Information Technology and
CIO
Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu ********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/. Theresa Rowe Assistant Vice President University Technology Services www.oakland.edu/uts - the latest news from University Technology Services ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- bugbear variant Bruhn, Mark S. (Jun 05)
- <Possible follow-ups>
- Re: bugbear variant Theresa M Rowe (Jun 05)
- Re: bugbear variant St. Laurent, Tim (Jun 05)