Hello Eric, You’re saying that you were caught up in the Exchange attacks, but ClamAV was able to catch an installed Webshell?
-- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org On Mar 13, 2021, at 8:12 PM, Eric Tykwinski <eric-l...@truenet.com<mailto:eric-l...@truenet.com>> wrote: Joel, Micah, Just as a side note, I was compromised with everyone else, but thankfully have mitigated before things got too out of hand from what I can tell. Looks like the webshells are both caught from a scan I just did to test out: Asp.Trojan.Webshell0321-9840176-0 Thanks for the update…. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
