Last Updated: 2007-10-27 02:38:10 UTC
by Adrien de Beaupre (Version: 3)
we are looking for examples of the PDFs being sent out, snort signatures, the IP addresses sending them out, the IP addresses they download malware from, and examples of the malware.
Please upload here: http://isc.sans.org/contact.html
Adrien de Beaupré
UPDATE: Thanks all for the examples for the pdf's. Please be sure and submit some IP addresses for the controllers, if you have anymore. I've been told that Snort rules have been created by Sourcefire's VRT team. They are subscription only.