
Cisco and Sophos spoofed in virus mail-outs

Forged infected email


Cisco Systems has written to users to warn against forged messages containing computer viruses which purport to come from its Product Security Incident Response Team (PSIRT).

Several forged, virus-bearing emails apparently from psirt@cisco.com have been sent out, one of which (containing an infected attachment 'width.pif') was received by The Register this morning. These messages are not authentic and can be safely ignored, Cisco advises.

Cisco is "aware of these emails and is actively looking at solutions to reduce or eliminate the forged messages", it said in a notice to subscribers of the list this evening.

Authentic Cisco messages on the moderated mailing list can be identified by a PGP signature and will originate from a verified "cisco.com" address, it advises.

Similarly spoofed email messages infected with the Klez virus have forced AV vendor Sophos to deny any responsibility in the wider distribution of the virus.

The recent Klez-H worm uses its own SMTP engine and can appear to have come from any email address, Sophos advises.

Some of its other customers have also reported receiving an unsolicited email apparently from Sophos claiming to contain disinfection tools for the W32/ElKern virus.

These emails contain a copy of the Klez-G worm and, again, do not originate from Sophos, the company states.

Sophos recommends that users do not open or launch unsolicited executable attachments and keep their anti-virus software updated.

Computer users are also advised to consider installing a patch from Microsoft which should fix a vulnerability in some versions of Outlook, Outlook Express, and Internet Explorer that is exploited by Klez-H and a number of other viruses.

After a slow start, the spread of the Klez-H worm has reached near-epidemic proportions. Managed services firm MessageLabs reports blocking more than 200,000 virus-infected emails destined for its customers since the virus first appeared last week. ®

Related stories

Klez worm infects and infuriates
Newmedia agency cleared of spreading worm
Sophos rebuffs virus-spreading charge
Norton AV update rings false alarm bells
Symantec spills email addresses of list subscribers
How secure is CA's security mailing list?
Virus writers outpace traditional AV
