Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

PHP Worm, Winace exploit, new toys

Published: 2005-02-23
Last Updated: 2005-02-24 02:02:33 UTC
by Michael Haisley (Version: 1)
0 comment(s)

PHP Worm spreading

We have received reports that yet another variant of the phpworm has started to spread, from the beginning analysis it appears that current antivirus vendors do not recognize this variant. Note that we have not received many reports of this worm spreading.

Canada's Security Report Card has been released

The best summary is a direct quote from the report. "two and a half years after revising its Government Security Policy, the government has much work to do to translate its policies and standards into consistent, cost-effective practices that will result in a more secure IT environment in departments and agencies."

The folks over at k-otik released an advisory on a buffer overflow issue, which could allow arbitrary code execution.

Sysinternals has released a new utility which detects windows based root kits.

Its functions by looking for Registry and file system API discrepancies that may indicate the presence of a root kit.
0 comment(s)
Diary Archives