What is the attack vector? Can you tell? Sent from my iPhone
On Sep 4, 2016, at 7:33 AM, Beard, Julius <[email protected]<mailto:[email protected]>> wrote: Yep, we’re seeing the same on a number of machines running Sophos. I see they updated their KB article in Threat Center last night, but now it goes to a 404 page. You get any response from them? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kelsey, John Sent: Sunday, September 4, 2016 12:16 AM To: '[email protected]<mailto:[email protected]>' <[email protected]<mailto:[email protected]>> Subject: [NTSysADM] Outbreak We’re seeing a massive outbreak of Troj-FarFli-CT tonight, affecting winlogon.exe. Sophos doing a poor job of stopping it so far. Anyone else seeing similar? Tons of our VMs are getting infected. On hold for over 30 minutes waiting for Sophos support right now. *************************************** John C. Kelsey Penn Highlands Healthcare •: 814.375.3073 • : 814.375.4005 •: [email protected]<mailto:[email protected]> *************************************** <image001.png> This email and any attached files are sensitive in nature and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of Penn Highlands Healthcare or its affiliates.. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
