Brian Krebs notes on Washingtonpost.com that there are 200 sites exploiting the createTextRange IE flaw. Microsoft recommends avoiding untrusted sites, but Krebs says you can’t trust that advice. Crackers have broken into normally trusted sites and installed traps that, through the flaw, install spyware and bots.
Essentially, you cannot trust ANY site when [...]
Sometime overnight on January 5, the viruses went away. Well, not all of them, but the 10,000 Sober.U variants that had been pounding us stopped. It’s quiet out there…. too quiet.
Maybe this SANS warning is it. Look for corrupted user files on February 3.
Listen to this post
Our friendly mail servers have had a busy 10 days coping with Worm.Sober.U (as known by ClamAV) and W32.Sober.X (as known by Symantec).
Since we saw our first instance of the worm on Nov 21 at 15:23:15, we’ve turned away 47,277 individual mails to 1,163,846 addressees (24.62 addresses for the average email).
According [...]
