-----Original Message----- From: NIPC Watch [mailto:nipcwatch@private] Sent: Tuesday, October 01, 2002 8:55 AM To: Cyber Threats Subject: [Cyber_threats] Daily News 10/01/02 September 30, CNET News- W32/Bugbear-A is spreading rapidly. Sophos has received several reports in a short space of time of users receiving an email-aware worm called W32/Bugbear-A. Sophos issued a virus identity (IDE) file for W32/Bugbear-A on 30th September 2002 and is recommending customers update their copies of Sophos Anti-Virus to protect against it. W32/Bugbear-A drops a randomly-named DLL file, which is related to logging keystrokes, in the Windows system folder. It can also terminate certain firewall and antivirus programs. Detection A virus identity file (IDE) which provides protection is available and will be incorporated into the November 2002 (3.63) release of Sophos Anti-Virus. Source: http://www.sophos.com/virusinfo/analyses/w32bugbeara.html Virus: #1 Virus in USA: : PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 80(http); 1433(ms-sql-s); 21(ftp); 103; 139(netbios-ssn); 6346(morpheus); 67(bootps); 3389; 1080(socks); 4665; Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Tue Oct 01 2002 - 10:48:49 PDT