Hello Eric,
You’re saying that you were caught up in the Exchange attacks, but ClamAV was
able to catch an installed Webshell?
--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com | https://www.snort.org
On Mar 13, 2021, at 8:12 PM, Eric T
Joel, Micah,
Just as a side note, I was compromised with everyone else, but thankfully have
mitigated before things got too out of hand from what I can tell.
Looks like the webshells are both caught from a scan I just did to test out:
Asp.Trojan.Webshell0321-9840176-0
Thanks for the update….
Si