www.whizpr.nlProgressCommunications.euwww.marcommit.nl
www.whizpr.nlwww.deepr.nlProgressCommunications.eu

Volg ook via:
Datum: (22 jaar en 120 dagen geleden)
Bedrijf:
PR: Whizpr

Virusalert: Medium risk alert issued for worm_netsky.p

Description:
On Monday 22 March Trend Micro(tm) TrendLabs(tm) declared a medium risk alert for this new variant of Netsky. Trend Micro has so far received reports of the variant from Europe and USA. 

The worm appears to be the next in the now well- known 'virus' war between the creators of 'Netsky' and 'Bagle'. As with the latest variant of Bagle (Q), NETSKY.P, exploits an Internet Explorer vulnerability. It makes use of celebrity names like 'Britney Spears' and 'Eminem' in the files it drops, its message body also contains statements seeming to originate from certain antivirus vendors declaring that 'no virus' has been found.

Propagation:
This malware propagates using various techniques - via email using its own Simple Mail Transfer Protocol (SMTP) engine, by exploiting a known Internet Explorer vulnerability, via network shares - and with the use of social engineering:

* The email that it sends out has varying subjects, message bodies, and attachment file names. It gathers email addresses from files with certain extension names.

* It also has the ability to propagate via network shares by dropping copies of itself to shared folders of the affected system.

* It is the first of the Netsky variants to exploit a known vulnerability in the Internet Explorer involving the incorrect MIME header vulnerability (MS01-020) to execute the malware when the email is read. More information on this vulnerability is available at: www.microsoft.com/technet/security/bulletin/MS01-020.mspx . The recent Bagle.Q variant which made headlines last week also used a similar technique

Payload:
It also has a payload of deleting specific registry keys, if they exist.

This memory-resident worm is compressed using UPX, and runs on 95, 98, ME, NT, 2000 and XP.

Once WORM_NETSKY.P has infected a PC ...
...it creates certain registry entries so that it executes at every Windows startup, by creating further registry keys, it registers itself as a service.

How to recognise WORM_NETSKY.P:

This worm propagates via email using its own SMTP engine. The email message it sends out comes from a spoofed address. The subject line varies, but includes a number of seeming harmless examples, such as 'Protected Mail Request', 'Mail Authentication.  Its message body also contains details seemingly originating from antivirus vendors stating that no virus has been found - several factors which could lead the unsuspicious computer user to believe that it is safe to open the email. 

David Kopp, Head of TrendLabs Europe says, "The virus writers are now increasing the complexity of their creations - possibly an effect of this ongoing 'war', in an attempt to outdo their opponent. We are now seeing the inclusion of payloads and social engineering to a far greater degree. Computer users should remain extremely vigilant as this particularly unsettled time."

Trend Micro customers are protected from NETSKY.P, through the latest pattern file, number 832.

Customers of Outbreak Prevention Services should download OPP 99 to help protect against spread of this threat. For customers of Damage Cleanup Services, Damage Cleanup template # 296 is available.

Other users should use Trend Micro's free online virus scanner, Housecall, which can be found at http://housecall.trendmicro.com/ For more information, please visit: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NETSKY.P
 
# # #

About Trend Micro
Trend Micro is a leader in network antivirus and Internet content security software and services. The Tokyo-based corporation has business units worldwide. Trend Micro products are sold through corporate, value-added resellers and managed service providers. For additional information and evaluation copies of all Trend Micro products, visit: www.trendmicro-europe.com.

# # #

Trend Micro and the t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company or product names may be trademarks or registered trademarks of their owners. Information is accurate time it was written and is subject to change without notice.

For more information please contact:

Trend Micro      
Anna Wright     
EMEA PR Manager
Tel: +44 (0)1628 400534    
E-mail: Anna_Wright@trendmicro.co.uk  

Lammers van Toorenburg Benelux PR
Anja Breunis / Annegees van Linge
Tel: +31 (0)30 6565 070
E-mail: anja@lvtpr.nl / annegees@lvtpr.nl

Recent van Trend Micro  
TrendAI introduceert het ‘Inception Program’ en zet de volgende stap naar veilige innovatie met AI

Onderzoek TrendAI: “Zorgdata zijn ongeveer de meest waardevolle handelswaar geworden in de cybercriminaliteit”

TrendAI sluit zich aan bij Project Glasswing van Anthropic

Verstreken tijd: 22 jaar en 120 dagen
PR contact  

Logo Whizpr
Trend Micro contact  

+31 (0) 20 399 8304
www.trendmicro.com

Marcommit is hét full service B2B marketing bureau van Nederland! Wij helpen jouw bedrijf met offline en online marketing campagnes die écht werken.
 Spotlight  
Logo Productowner.nl
Logo ZAMKO
Logo Innvolve
Logo ClickPatrol
Logo NetRom Software
Logo RAVI RYAN MOHANLAL
Logo BTG
Logo NHA Opleidingen
Logo Polly.Help
Logo MI Consultancy
Logo Incentro
Logo Stromma Nederland
Logo Fairbanks
Logo Valid
Logo Westpoort
Logo DNA Services B.V.
Logo PQR
Logo Web Wings
Logo Spryng
Logo We talk SEO B.V.
Logo Victoria ID
Logo DNA Services B.V.
Logo Twenty Four Webvertising
Logo Web Wings
Logo Web Wings
Logo BusinessCom
Logo Msafe
Logo SCOS ViaCloud BV
Logo Keuze.nl BV
Logo Spryng
Logo Red Hat
Logo HCC
Logo Xebia
Logo Unit4
Logo reichelt elektronik
Logo Conclusion
Logo Schneider Electric
Logo Proofpoint
Logo PQR
Logo KnowBe4
Logo Web Wings
Logo Schneider Electric
Logo Learned
Logo Red Hat
Logo Veeam Software
TARIEVEN
Publicatie eenmalig €49

PUBLICATIEBUNDELS
6 voor €199
12 voor €349
Onbeperkt €499

EENMALIG PLAATSEN
Persbericht aanleveren

REGELMATIG PLAATSEN
Bedrijfsabonnement
CONTACT
Persberichten.com
JMInternet
Kuyperstraat 48
7942 BR Meppel
Nederland
info@persberichten.com
KvK 54178096

VOLGEN
@ICTBERICHTEN

ZOEKEN
IT bedrijf
IT PR-bureau
OVER ONS
Persberichten.com, hét platform voor IT/Tech persberichten

DATABASE
103946 persberichten
7050 bedrijfsprofielen
60 PR-bureauprofielen
17598 tags

KENMERKEN
• Behouden tekstopmaak
• Foto/illustratie/logo
• Downloadbare bijlages
• Profiel met socials
 
www.deepr.nlProgressCommunications.euwww.marcommit.nl
www.deepr.nlINFLUX PRwww.deepr.nl