We’re seeing a lot of activity from the W32[EMAIL PROTECTED] virus (http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED])
Could someone help me cobble together a rule quickly to counteract the attachments it’s using. Something to catch test.zip, readme.zip and body.zip (the most common ones it appears to be using at the moment).
Cheers, Richard
|
- Re: [SAtalk] W32.Novarg.A@mm virus Richard Beyer
- Re: [SAtalk] W32.Novarg.A@mm virus Jon
- [SAtalk] Re: W32.Novarg.A@mm virus John Hall
- Re: [SAtalk] Re: W32.Novarg.A@mm virus Brad Hazledine
- Re: [SAtalk] Re: W32.Novarg.A@mm virus up
- Re: [SAtalk] W32.Novarg.A@mm virus Christopher X. Candreva
- [SAtalk] Re: W32.Novarg.A@mm virus Chris Barnes
- Re: [SAtalk] Re: W32.Novarg.A@mm viru... Matthew Trent
- RE: [SAtalk] Re: W32.Novarg.A@mm viru... Russell Mann
- Re: [SAtalk] Re: W32.Novarg.A@mm viru... Matthew Trent