OMRF-ISG Archives

OMRF's Information Support Group

omrf-isg@SPEEDY.OUHSC.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Todd Walker <[log in to unmask]>
Reply To:
OMRF's Information Support Group <[log in to unmask]>
Date:
Fri, 13 Aug 2004 13:18:45 -0500
Content-Type:
multipart/mixed
Parts/Attachments:
text/plain (1086 bytes) , text/enriched (1978 bytes) , image.tiff (12 kB) , image.tiff (12 kB) , text/plain (12 kB) , text/enriched (12 kB) , image.tiff (12 kB) , image.tiff (12 kB) , text/plain (12 kB) , text/enriched (12 kB) , image001.gif (7 kB) , image002.gif (7 kB)
This is from OUHSC; I'm sure not everyone on omrf-isg is on their
mailing list...

Begin forwarded message:

From: "IT Security \(HSC\)" <[log in to unmask]>
Date: August 9, 2004 2:18:39 PM CDT
To: "HSC-OUHSC" <[log in to unmask]>
Subject: *** VIRUS ALERT *** - OFFICIAL COMMUNICATION FROM INFORMATION
SECURITY SERVICES
Received: from LIPIZZAN.hsc.net.ou.edu ([157.142.13.170]) by
MRED.hsc.net.ou.edu with Microsoft SMTPSVC(6.0.3790.0); Mon, 9 Aug 2004
14:20:11 -0500
Mime-Version: 1.0
Content-Class: urn:content-classes:message
Content-Type: multipart/signed; micalg=SHA1;
boundary="----=_NextPart_000_0008_01C47E1B.C3DB6A50";
protocol="application/x-pkcs7-signature"
Return-Path: <[log in to unmask]>
X-Mimeole: Produced By Microsoft Exchange V6.5.7226.0
X-Originalarrivaltime: 09 Aug 2004 19:20:11.0020 (UTC)
FILETIME=[E3A374C0:01C47E45]
Message-Id:
<[log in to unmask]>
X-Ms-Has-Attach: yes
X-Ms-Tnef-Correlator:
Thread-Topic: *** VIRUS ALERT *** - OFFICIAL COMMUNICATION FROM
INFORMATION SECURITY SERVICES
Thread-Index: AcQIUaZH+Clj2LMoSZOhLEc7NSgG5h18dUYQ




ATTENTION ALL OUHSCFaculty, Staff, and Students We have received reports that a newvirus (W32/Bagle.aq@MM) is sending email with an infectious.ZIP attachment. Steps you should follow: Step #1 DO NOT open the attachment associated with this email. Step #2 Delete the email. If you opened the attachmentcontact yourdepartmentaltechnical support or Tier 1immediately. VIRUS CHARACTERISTICS SHOWN BELOW:
 From : (address is spoofed) Subject : (blank) Body Text:          new price   There is indication in the file that it may also try to password-protect some ZIP files, in which case it will add one of the following to the message body:          The password is          Password:   The password will then be contained in an embedded image file. Attachment: (may be one of the following)          price.zip          price2.zip          price_new.zip          price_08.zip          08_price.zip          newprice.zip          new_price.zip          new__price.zip   The ZIP file contains PRICE.EXE and PRICE.HTML, as described above. For more information see: http://vil.nai.com/vil/content/v_127423.htm Information Security Services University of Oklahoma Health Science Center http://www.ouhsc.edu/it/security/

ATOM RSS1 RSS2