Educause Security Discussion mailing list archives
Re: Sony Rootkit... If you haven't heard yet
From: "Perry, Jeff" <perry () KU EDU>
Date: Fri, 11 Nov 2005 12:19:15 -0600
Sophos has developed a tool that will "unhide" the %sys% files. It won't however remove the rootkit as it tends to blow up the system. More: http://www.sophos.com/pressoffice/news/articles/2005/11/stinxe.html ------------------------------------ Jeff Perry Network Security Analyst IT Security Office, A division of Information Services The University of Kansas 1001 Sunnyside Avenue Lawrence Kansas 66045 http://www.security.ku.edu ------------------------------------ Direct Extension: 785-864-0489 IT Security Office: 785-864-9003 Email: perry () ku edu -----Original Message----- From: Steve Worona [mailto:sworona () EDUCAUSE EDU] Sent: Thursday, November 10, 2005 11:53 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Sony Rootkit... If you haven't heard yet See also http://www.eff.org/deeplinks/archives/004144.php Steve ----- At 12:06 PM -0500 11/10/05, James McSawley wrote:
Also Symantec has found a Trojan that tries to utilize the Sony Rootkit
http://sarc.com/avcenter/venc/data/backdoor.ryknos.html James McSawley WFUBMC -----Original Message----- From: Barros, Jacob [mailto:jkbarros () GRACE EDU] Sent: Thursday, November 10, 2005 12:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Sony Rootkit... If you haven't heard yet http://slashdot.org/~xtracto/journal/121088 http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-righ t s.html http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloak i ng.html http://news.bbc.co.uk/1/hi/technology/4424254.stm
Current thread:
- Sony Rootkit... If you haven't heard yet Barros, Jacob (Nov 10)
- <Possible follow-ups>
- Re: Sony Rootkit... If you haven't heard yet James McSawley (Nov 10)
- Re: Sony Rootkit... If you haven't heard yet Steve Worona (Nov 10)
- Re: Sony Rootkit... If you haven't heard yet Perry, Jeff (Nov 11)