Over the past 2 days, we have been seeing a resurgence of Klez type activity. However, this appears to be getting past our a/v software. The symptoms we see are: - spoofed email address - unusual subject - no body - attachments with .scr, .bat, .exe, .jpg extensions (there may be others, but this is what we've examined so far) - when the email is opened, even in preview pane, it launches Media Player but is unable to find the specified file. Has anyone else seen this type of activity lately, or have any thoughts on this? Thanks, Peter Peter Snell, MCP LAN Admin Daymon Associates * (210) 299-8164 * psnellat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jan 31 2003 - 09:25:44 PST