[EMAIL PROTECTED] wrote: > > They are currently out of fashion. > > Yep, I just checked my junk email folder and there are only a few messages > with attached files containing malware. ...
_AND_ (assuming you do not have incoming scanning and/or filetype blocking policies) a sizable chunk of those will be "old" malware -- Netsky, Swen (I just got one, tho haven't seen one for many months or four in more than a year) and the like. > ... The situation has changed in the > last 6 to 12 months. I was amazed the last time I checked how many > malware-laden messages I had. It was as if the bad guys hadn't heard > about the Outlook executable blocker. As Toralv has noted, they _did_ notice, and they also noticed that a lot of corporates had a "no .EXE attachments... well unless the sender and receiver are sophisticated enough to know about ZIP/UNZIP'ing them" rule. As a result several much-larger-than-folk-had-become-comfortable- with outbreaks using .ZIP attachments (the only natively-supported archive format in Windows the malware authors seem to know about) saw a lot of corporates arbitrarily block .ZIP files, or at least seriously tighten their "except in .ZIP archives" rules. Subsequently the botnets these folk had been building up got so huge and sufficiently advanced that they could leverage the botnets in the ways I described in an earlier message. Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
