[LINK] AUSCERT covering its back by reissuing

Kim Holburn kim at holburn.net
Tue Aug 8 15:51:16 AEST 2006 

I had a chat to someone at AusCERT about this.  The NATIONAL-Alerts  
list gets AUSCERT bulletins after the bulletins AUSCERT members.  So  
it's not a reissue.

I asked them about the haxdoor release from the Tax office and they  
really don't seem to know.

There is a press release on the DSD site:
http://www.dsd.gov.au/library/advisories/advisories.html


On 2006 Aug 07, at 7:00 PM, Jan Whitaker wrote:

> Received (again) today:
> Fwd: [NATIONAL-ALERTS] (AUSCERT AL-2006.0059) [Win] - Order  
> WC2905036 Trojan
>
>> ===================================================================== 
>> ======
>> A  U  S  C  E  R  T                                           A   
>> L  E  R  T
>>
>>                        AL-2006.0059 -- AUSCERT ALERT
>>                                    [Win]
>>                           Order WC2905036 Trojan
>>                                25 July 2006
>>
>> ===================================================================== 
>> ======
>>
>>
>> OVERVIEW:
>>
>>         AusCERT is aware of a recent trojan designed to steal  
>> confidential
>>         information. The trojan is propagated as an attachment to
>>         an email with a subject similar to "Order Confirmation ..."
>>         or "Your order information ...".
>>
>>
>> IMPACT:
>>
>>         A user opening and running this attachment will be  
>> infected with a
>>         variant of the password stealing trojan, Haxdoor[1]. The  
>> eventual
>>         payload has also been described as Troj/FireSpy-A[2].
>
> Jan Whitaker
> JLWhitaker Associates, Melbourne Victoria
> jwhit at janwhitaker.com
> business: http://www.janwhitaker.com
> personal: http://www.janwhitaker.com/personal/
> commentary: http://janwhitaker.com/jansblog/
>
> 'Seed planting is often the most important step. Without the seed,  
> there is no plant.' - JW, April 2005
> _ __________________ _
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

--
Kim Holburn
IT Network & Security Consultant
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.
Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
datefmt.htm

In pre 9/11 US, you check out books at the library. In Bush's  
America, the library checks out you!
                           -- with apologies to Yakov Smirnov

More information about the Link mailing list