Re: [Kicad-developers] ransomware locky detected on version 4.0.4 and 4.0.3

2016-12-02 Thread Nick Østergaard
Thank you for the feedback.

Den 02/12/2016 09.02 skrev "Paolo Barbato" :

> Hi Nick,
>
> let me inform you that CheckPoint has verified that was a false positive.
>
>
>
>
>
>
>
> *RnD confirmed this to be a false-positive.Within the next few hours, the
> database will be updated and the FP will be removed.Please check today by
> end of day [3:00pm your time] and issue should be resolved.Let me know if
> anything else is required, or if we can proceed with  closure of this SR.*
>
>
> Time to time some good news, we need it !
>
> Regards,
> Paolo.
>
>
> On 1 Dec 2016, at 17:46, Paolo Barbato  wrote:
>
> 
>
> Hi Nick,
>
> this is the complete log...CheckPoint is working on this.
>
> Regards,
> Paolo.
>
> Il giorno 01/dic/2016, alle ore 17.03, Nick Østergaard ha scritto:
>
> Paolo,
>
> Does that firewall software of yours not provide any technical info about
> this? Like filenames or byte sequences or similar?
>
> Den 01/12/2016 16.41 skrev "Wayne Stambaugh" :
>
>> Paolo,
>>
>> This might be a false positive.  We've seen this in the past.  Would one
>> of our windows package devs please verify the windows installer binaries
>> on the kicad download page are still valid?
>>
>> In the future, please post your questions to the developers mailing list.
>>
>> Cheers,
>>
>> Wayne
>>
>> On 12/1/2016 7:56 AM, Paolo Barbato wrote:
>> > Dear devolopers,
>> >
>> > I’m in charge fro internet security at Consorzio RFX laboratpry.
>> >
>> > We’ve blocked, using ChcekPoint firewall, a download attempt of an
>> >  internal user of kicad from your official link
>> > http://kicad-pcb.org/download/windows/ .
>> > Compromised version are 4.0.4 and 4.0.3  both 64 and 32 bits that seems
>> > have exploited by locky ransomware.
>> >
>> >
>> >
>> > Please check, and let me know.
>> >
>> >
>> >
>> >
>> > 
>> 
>> > Paolo Barbato
>> >
>> > Consorzio RFX
>> > corso Stati Uniti,4
>> >
>> > 35127 Padova - Italy
>> > Network Administrator
>> > phone: +39 049 8295097 fax: +39 049 8700718
>> > 
>> 
>> >
>>
>> ___
>> Mailing list: https://launchpad.net/~kicad-developers
>> Post to : kicad-developers@lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~kicad-developers
>> More help   : https://help.launchpad.net/ListHelp
>>
>
> 
> 
> Paolo Barbato
>
> Consorzio RFX 
> corso Stati Uniti,4
> 35127 Padova - Italy
> Network Administrator
> phone: +39 049 8295097 <+39%20049%20829%205097> fax: +39 049 8700718
> <+39%20049%20870%200718>
> 
> 
>
>
> 
> 
> Paolo Barbato
>
> Consorzio RFX
> corso Stati Uniti,4
>
> 35127 Padova - Italy
> Network Administrator
> phone: +39 049 8295097 <+39%20049%20829%205097> fax: +39 049 8700718
> <+39%20049%20870%200718>
> 
> 
>
>
___
Mailing list: https://launchpad.net/~kicad-developers
Post to : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp


Re: [Kicad-developers] ransomware locky detected on version 4.0.4 and 4.0.3

2016-12-01 Thread Nick Østergaard
Paolo,

Does that firewall software of yours not provide any technical info about
this? Like filenames or byte sequences or similar?

Den 01/12/2016 16.41 skrev "Wayne Stambaugh" :

> Paolo,
>
> This might be a false positive.  We've seen this in the past.  Would one
> of our windows package devs please verify the windows installer binaries
> on the kicad download page are still valid?
>
> In the future, please post your questions to the developers mailing list.
>
> Cheers,
>
> Wayne
>
> On 12/1/2016 7:56 AM, Paolo Barbato wrote:
> > Dear devolopers,
> >
> > I’m in charge fro internet security at Consorzio RFX laboratpry.
> >
> > We’ve blocked, using ChcekPoint firewall, a download attempt of an
> >  internal user of kicad from your official link
> > http://kicad-pcb.org/download/windows/ .
> > Compromised version are 4.0.4 and 4.0.3  both 64 and 32 bits that seems
> > have exploited by locky ransomware.
> >
> >
> >
> > Please check, and let me know.
> >
> >
> >
> >
> > 
> 
> > Paolo Barbato
> >
> > Consorzio RFX
> > corso Stati Uniti,4
> >
> > 35127 Padova - Italy
> > Network Administrator
> > phone: +39 049 8295097 fax: +39 049 8700718
> > 
> 
> >
>
> ___
> Mailing list: https://launchpad.net/~kicad-developers
> Post to : kicad-developers@lists.launchpad.net
> Unsubscribe : https://launchpad.net/~kicad-developers
> More help   : https://help.launchpad.net/ListHelp
>
___
Mailing list: https://launchpad.net/~kicad-developers
Post to : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp


Re: [Kicad-developers] ransomware locky detected on version 4.0.4 and 4.0.3

2016-12-01 Thread Wayne Stambaugh
Paolo,

This might be a false positive.  We've seen this in the past.  Would one
of our windows package devs please verify the windows installer binaries
on the kicad download page are still valid?

In the future, please post your questions to the developers mailing list.

Cheers,

Wayne

On 12/1/2016 7:56 AM, Paolo Barbato wrote:
> Dear devolopers,
> 
> I’m in charge fro internet security at Consorzio RFX laboratpry.
> 
> We’ve blocked, using ChcekPoint firewall, a download attempt of an
>  internal user of kicad from your official link
> http://kicad-pcb.org/download/windows/ .
> Compromised version are 4.0.4 and 4.0.3  both 64 and 32 bits that seems
> have exploited by locky ransomware.
> 
> 
> 
> Please check, and let me know.
> 
> 
> 
> 
> 
> Paolo Barbato
> 
> Consorzio RFX
> corso Stati Uniti,4 
> 
> 35127 Padova - Italy  
> Network Administrator 
> phone: +39 049 8295097 fax: +39 049 8700718
> 
> 

___
Mailing list: https://launchpad.net/~kicad-developers
Post to : kicad-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kicad-developers
More help   : https://help.launchpad.net/ListHelp