Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Request for info, IPs, exploit examples on PDF mailto documents

Published: 2007-10-26
Last Updated: 2007-10-27 02:38:10 UTC
by Adrien de Beaupre (Version: 3)
0 comment(s)

Hi all,

we are looking for examples of the PDFs being sent out, snort signatures, the IP addresses sending them out, the IP addresses they download malware from, and examples of the malware.

Please upload here: http://isc.sans.org/contact.html

Cheers,
Adrien de Beaupré
Bell Canada

UPDATE:  Thanks all for the examples for the pdf's.  Please be sure and submit some IP addresses for the controllers, if you have anymore.   I've been told that Snort rules have been created by Sourcefire's VRT team.  They are subscription only.

Joel Esler

http://handlers.sans.org/jesler

Keywords:
0 comment(s)
Diary Archives