Front Page Hack
First off, thanks to all who sent in log snippets, pcaps or an analysis of the Front Page hack that Joshua reported in yesterday's diary.
To sum up what we've seen, the attack seems to have been first observed back in March and may be generated by a poorly written worm
One reader reported this to be a precursor to the download of lsd.exe which is detected by Symantec as although the behavior that has been reported doesn't seem to match Symantec's description.
Jun 22nd 2005
1 decade ago