> >>One thought occurs to me: we - or at any rate I - see comparatively > little zip encryption with current mailborne malware.
Looks to me like the author of today's Storm worm outbreak reads funsec. This is from Ken Dunham's mailing on the attack: "This new variant sends out copies of itself inside of a password protected ZIP file to evade anti-virus detection. E-mails are randomized with different filenames, different passwords, and different binaries within the ZIP file to evade detection." Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine [EMAIL PROTECTED] _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
