Return-Path: <sentto-279987-2981-1003192450-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 15 Oct 2001 17:35:08 -0700 (PDT) Received: (qmail 1857 invoked by uid 510); 16 Oct 2001 00:33:57 -0000 Received: from n3.groups.yahoo.com (216.115.96.53) by 204.181.12.215 with SMTP; 16 Oct 2001 00:33:57 -0000 X-eGroups-Return: sentto-279987-2981-1003192450-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by n3.groups.yahoo.com with NNFMP; 16 Oct 2001 00:34:14 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 16 Oct 2001 00:34:10 -0000 Received: (qmail 31362 invoked from network); 16 Oct 2001 00:32:50 -0000 Received: from unknown (10.1.10.142) by 10.1.1.223 with QMQP; 16 Oct 2001 00:32:50 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 16 Oct 2001 00:32:50 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id RAA12725 for iwar@onelist.com; Mon, 15 Oct 2001 17:32:50 -0700 Message-Id: <200110160032.RAA12725@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 15 Oct 2001 17:32:50 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Two.new.mutant.variants.of.the.Nimda.virus.found.in.Korea] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Two new mutant variants of the Nimda virus found in Korea Security News Portal, 10/15/2001 <a href="http://www.securitynewsportal.com/article.php?sid=1938&mode=thread&order=0">http://www.securitynewsportal.com/article.php?sid=1938&mode=thread&order=0> Ahnlab, a Korean anti-virus company, has discovered two mutant versions of the Nimda virus, a virulent Internet worm that hit computer servers and networks hard last month, reported Ahnlab yesterday. The anti-virus company said it detected two mutated versions of the Nimda worm _ Win32/Nima28672 and Win32/Nimda 39991 _ last Friday, and distributed an updated version of its vaccine program on its website. ``As for Nimda28672 and Nimda39991, they have been found here but were never reported overseas,'' an Ahnlab researcher noted. North American anti-virus companies have stated that their current virus engines can already detect these new variants - but it would be best to ensure that your anti-virus software is running the most current version He added, ``We named the virus according to the world vaccine industry's custom that put either the discoverer or company of the computer virus or the size of the attached virus infected files in the e-mail.'' The vaccine developer explained that the two mutant Nimda worms behave pretty much as do previous Nimda worms, except that they normally stay compressed. But when they enter a computer system, they extract themselves and run automatically. To prevent or to cure infections of the transformed Nimda viruses, Internet users can access Ahnlab or other anti-virus firms' websites and update their vaccine software or download and install the vaccine program ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:55 PST