Qakbot I have seen off and on, and its variants (maybe they are tweaking it
for other infections)

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Security Engineer

Lifespan Organization

Email:[email protected]

Cell:401-639-3505

 

 

From: Erik Goldoff [mailto:[email protected]] 
Sent: Sunday, September 11, 2011 11:08 AM
To: NT System Admin Issues
Subject: RE: anyone else seeing Hiloti malware zero day ?

 

Must be my lucky week; we also caught an 'undetected' variant of Qakbot
too

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Andrew S. Baker [mailto:[email protected]] 
Sent: Saturday, September 10, 2011 10:20 PM
To: NT System Admin Issues
Subject: Re: anyone else seeing Hiloti malware zero day ?

 

Not I...


ASB

http://XeeMe.com/AndrewBaker

Harnessing the Advantages of Technology for the SMB market...

 

On Fri, Sep 9, 2011 at 7:47 PM, Erik Goldoff <[email protected]> wrote:

At a client site Wednesday had a Hiloti outbreak, found by IDS
signatures but not AV.  Had to submit captured DLL from loadpoint
analysis for examination by AV vendors to have signatures updated.
Today, only two days later, a new variant of Hiloti is back in the wild.

Anyone else seeing this ?

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin

 
