Re: Hybris worm

[jkruser <jkruser () ADELPHIA NET>]

There have been a couple of recent posts about this virus to some of the
virus lists I watch. It appears Hybris may be on the rise. I posted a couple
of links to information on the Virus Security Focus list early this AM but
nothing has come through on that list all day. Maybe technical issues there.

Just FYI (I know this is pretty basic, but someone may not know) here are a
few precautions you can take in Outlook and OE to reduce the risk of
infection by some types of virus.

Outlook Settings:
select Tools -> Options
Select the 'Security' tab
Under 'Secure Content' set the zone to 'Restricted Sites'
Click the 'Zone Settings' button
Click the 'Custom Level' button
Under 'ActiveX Controls and Plugins' ensure that all are set to disable
Under 'Scripting' ensure all are set to disable
Click OK, OK and OK

Update your MS security patches and...of course...Don't open any unknown
attachments :)

Claymore
the unprofound
-----Original Message-----
From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On
Behalf Of Philippe Bourcier
Sent: Wednesday, November 29, 2000 4:48 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Hybris worm


Hi,

I received a lot of mails from hahaha () sexyfun net with a 23k attachment and
I am sure some of you too.

After a search for more infos about it I found this analysis:
http://www.avp.ch/avpve/worms/email/hybris.stm

To be short, I would say it would be judicious for any admin to block mails
from hahaha () sexyfun net on the mail servers, because this new Windows "worm"
spreads using mail with this "from" address.

Philippe Bourcier
-------------------------------------
www.documents.cyberabuse.org