OMRF-ISG Archives

OMRF's Information Support Group

omrf-isg@SPEEDY.OUHSC.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Mime-Version:
1.0 (Apple Message framework v619)
Sender:
OMRF's Information Support Group <[log in to unmask]>
Subject:
From:
Todd Walker <[log in to unmask]>
Date:
Fri, 13 Aug 2004 13:18:45 -0500
Content-Type:
multipart/mixed; boundary=Apple-Mail-1-297292267
Reply-To:
OMRF's Information Support Group <[log in to unmask]>
Parts/Attachments:
text/plain (1086 bytes) , text/enriched (1978 bytes) , image.tiff (12 kB) , image.tiff (12 kB) , text/plain (12 kB) , text/enriched (12 kB) , image.tiff (12 kB) , image.tiff (12 kB) , text/plain (12 kB) , text/enriched (12 kB) , image001.gif (7 kB) , image002.gif (7 kB)
This is from OUHSC; I'm sure not everyone on omrf-isg is on their
mailing list...

Begin forwarded message:

From: "IT Security \(HSC\)" <[log in to unmask]>
Date: August 9, 2004 2:18:39 PM CDT
To: "HSC-OUHSC" <[log in to unmask]>
Subject: *** VIRUS ALERT *** - OFFICIAL COMMUNICATION FROM INFORMATION
SECURITY SERVICES
Received: from LIPIZZAN.hsc.net.ou.edu ([157.142.13.170]) by
MRED.hsc.net.ou.edu with Microsoft SMTPSVC(6.0.3790.0); Mon, 9 Aug 2004
14:20:11 -0500
Mime-Version: 1.0
Content-Class: urn:content-classes:message
Content-Type: multipart/signed; micalg=SHA1;
boundary="----=_NextPart_000_0008_01C47E1B.C3DB6A50";
protocol="application/x-pkcs7-signature"
Return-Path: <[log in to unmask]>
X-Mimeole: Produced By Microsoft Exchange V6.5.7226.0
X-Originalarrivaltime: 09 Aug 2004 19:20:11.0020 (UTC)
FILETIME=[E3A374C0:01C47E45]
Message-Id:
<[log in to unmask]>
X-Ms-Has-Attach: yes
X-Ms-Tnef-Correlator:
Thread-Topic: *** VIRUS ALERT *** - OFFICIAL COMMUNICATION FROM
INFORMATION SECURITY SERVICES
Thread-Index: AcQIUaZH+Clj2LMoSZOhLEc7NSgG5h18dUYQ




  ATTENTION ALL OUHSC Faculty, Staff, and Students   We have received reports that a new virus  (W32/Bagle.aq@MM)  is sending email with an infectious .ZIP attachment.   Steps you should follow: Step #1 DO NOT open the attachment associated with this email. Step #2 Delete the email. If you opened the attachment contact your departmental technical support or Tier 1 immediately.   VIRUS CHARACTERISTICS  SHOWN BELOW:
   From : (address is spoofed) Subject : (blank) Body Text:         • new price   There is indication in the file that it may also try to password-protect some ZIP files, in which case it will add one of the following to the message body:         • The password is         • Password:   The password will then be contained in an embedded image file. Attachment: (may be one of the following)         • price.zip         • price2.zip         • price_new.zip         • price_08.zip         • 08_price.zip         • newprice.zip         • new_price.zip         • new__price.zip   The ZIP file contains PRICE.EXE and PRICE.HTML, as described above. For more information see: http://vil.nai.com/vil/content/v_127423.htm Information Security Services University of Oklahoma Health Science Center http://www.ouhsc.edu/it/security/

ATOM RSS1 RSS2