2nd Try... > -----Original Message----- > From: George Heuston > Sent: Tuesday, September 18, 2001 11:31 AM > To: 'crime@private' > Subject: Nimda Worm Threat --" w32nimda.a.mm" -- Microsoft IIS > Systems > > Folks, > > This is what I've been able to glean preliminarily on Nimda: > > Attacks based on a Code Red II variant. The worm utilizes multiple methods > of penetration, including use of corporate email (social engineering) > through dissemination of a readme.exe file attachment to the email, that > when executed (clicked on) injects and propogates internally and conducts > a comprehensive scan to identify multiple IIS vulnerabilities. McAfee > advises that the full info on this will be available presently at > www.mcaffee.com; and as Paul Speck just posted, there's a dat fix for this > at McAffee... > > I attach an additional item re Nimda from F-Secure: > > F-Secure Radar Level 2 Alert > > A new worm called Nimda is spreading globally today. > > Here is the text from the Radar alert: > > "On September 18th, 2001 a new worm Nimda was found in the wild. It > spreads > in email messages as an attachment called Readme.exe and also in a similar > way as CodeRed worm." > > for more information: > http://www.f-secure.com/v-descs/nimda.shtml > > >
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:25:01 PDT