Educause Security Discussion mailing list archives

Re: Sony Rootkit... If you haven't heard yet


From: "Perry, Jeff" <perry () KU EDU>
Date: Fri, 11 Nov 2005 12:19:15 -0600

Sophos has developed a tool that will "unhide" the %sys% files.  It
won't, however, remove the rootkit as it tends to blow up the system.

More:
http://www.sophos.com/pressoffice/news/articles/2005/11/stinxe.html

------------------------------------ 
Jeff Perry                      
Network Security Analyst  
IT Security Office, A division of Information Services 
The University of Kansas        
1001 Sunnyside Avenue       
Lawrence Kansas 66045       
http://www.security.ku.edu 
------------------------------------ 
Direct Extension: 785-864-0489  
IT Security Office: 785-864-9003  
Email: perry () ku edu        

 

-----Original Message-----
From: Steve Worona [mailto:sworona () EDUCAUSE EDU] 
Sent: Thursday, November 10, 2005 11:53 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Sony Rootkit... If you haven't heard yet

See also http://www.eff.org/deeplinks/archives/004144.php
Steve
-----
At 12:06 PM -0500 11/10/05, James McSawley wrote:
Also Symantec has found a Trojan that tries to utilize the Sony Rootkit

http://sarc.com/avcenter/venc/data/backdoor.ryknos.html

James McSawley
WFUBMC

-----Original Message-----
From: Barros, Jacob [mailto:jkbarros () GRACE EDU]
Sent: Thursday, November 10, 2005 12:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Sony Rootkit... If you haven't heard yet

http://slashdot.org/~xtracto/journal/121088
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html
http://news.bbc.co.uk/1/hi/technology/4424254.stm
