Security Incidents mailing list archives
Re: Hybris worm
From: jkruser <jkruser () ADELPHIA NET>
Date: Thu, 30 Nov 2000 13:59:38 -0500
There have been a couple of recent posts about this virus to some of the virus lists I watch. It appears Hybris may be on the rise. I posted a couple of links to information on the Virus Security Focus list early this AM but nothing has come through on that list all day. Maybe technical issues there. Just FYI (I know this is pretty basic, but someone may not know) here are a few precautions you can take in Outlook and OE to reduce the risk of infection by some types of virus. Outlook Settings: select Tools -> Options Select the 'Security' tab Under 'Secure Content' set the zone to 'Restricted Sites' Click the 'Zone Settings' button Click the 'Custom Level' button Under 'ActiveX Controls and Plugins' ensure that all are set to disable Under 'Scripting' ensure all are set to disable Click OK, OK and OK Update your MS security patches and...of course...Don't open any unknown attachments :) Claymore the unprofound -----Original Message----- From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On Behalf Of Philippe Bourcier Sent: Wednesday, November 29, 2000 4:48 PM To: INCIDENTS () SECURITYFOCUS COM Subject: Hybris worm Hi, I received a lot of mails from hahaha () sexyfun net with a 23k attachment and I am sure some of you too. After a search for more infos about it I found this analysis: http://www.avp.ch/avpve/worms/email/hybris.stm To be short, I would say it would be judicious for any admin to block mails from hahaha () sexyfun net on the mail servers, because this new Windows "worm" spreads using mail with this "from" address. Philippe Bourcier ------------------------------------- www.documents.cyberabuse.org
Current thread:
- Hybris worm Philippe Bourcier (Dec 01)
- Re: Hybris worm jkruser (Dec 01)
- <Possible follow-ups>
- Fw: Hybris worm Philippe Bourcier (Dec 05)