 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
On Thu, 2003-10-02 at 07:35, wbeckham wrote: > Summary: > Yesterday TruSecure began to observe evidence of an active attack against > users of Internet Explorer 6.0. The attack comprised of a banner, hosted by > FortuneCity.com, which in turn used JavaScript to redirect the self-closing > "pop-under" banner to a site hosted by EV1.NET (Everyone's Internet.) An > EV1.NET site then delivered executable code which in turn invoked the HTA > vulnerability. So, anybody know any URLs for these that we can (at least temporarily) block at the proxy? -- John Hardin KA7OHZ Internal Systems Administrator voice: (425) 672-1304 Apropos Retail Management Systems, Inc. fax: (425) 672-0192 ----------------------------------------------------------------------- There is no problem that cannot be solved by the appropriate application of high explosives. ----------------------------------------------------------------------- 34 days until Matrix Revolutions _______________________________________________ list mailing list [EMAIL PROTECTED] To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.