[sanesecurity] Re: Fake alert email

  • From: "Bill Greganti" <bill@xxxxxxxxxxxxxxxx>
  • To: <sanesecurity@xxxxxxxxxxxxx>
  • Date: Mon, 19 Oct 2009 21:13:33 -0700

Thanks Steve & Tom,
I saw a few detections for this today, and this may have saved a few "less
intelligent" clients from infecting themselves. 

-----Original Message-----
From: sanesecurity-bounce@xxxxxxxxxxxxx
[mailto:sanesecurity-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Shaw
Sent: Monday, October 19, 2009 8:38 AM
To: sanesecurity@xxxxxxxxxxxxx
Cc: sanesecurity_announce@xxxxxxxxxxxxx
Subject: [sanesecurity] Re: Fake alert email

At 4:22 PM +0100 10/19/09, Steve Basford wrote:
>Hi all,
>Looks like we just got a run of a fake ConXflicker.BXInfectionXAlert 
>(remove X's) this time with an install zip payload.
>A variant of: http://blogs.zdnet.com/security/?p=3105
>Just added Detection as:

Pushed out winnow sigs for same earlier today.


Other related posts: