[nsp-sec] - ACK 209 Compromised websites
Hicks, Howard
Howard.Hicks at CenturyLink.com
Tue Jul 10 12:28:36 EDT 2012
Thanks for the heads up.
________________________________________
From: nsp-security-bounces at puck.nether.net [nsp-security-bounces at puck.nether.net] On Behalf Of Thomas Hungenberg [th.lab at hungenberg.net]
Sent: Tuesday, July 10, 2012 9:27 AM
To: nsp-sec
Subject: [nsp-sec] Compromised websites
----------- nsp-security Confidential --------
Hi,
please find below a list of websites that recently have been found compromised by Symantec.
The attackers uploaded a malicious .htaccess to redirect users to sites spreading Trojan.Milicenso.
See this report for more information:
http://www.symantec.com/connect/blogs/trojanmilicenso-infection-through-htaccess-redirection
Format: ASN | CC | IP | hostname | AS name
209 | US | 72.164.56.24 | valentinelutheran.com | ASN-QWEST - Qwest Communications Company, LLC|
- Thomas
CERT-Bund Incident Response & Anti-Malware Team
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
More information about the nsp-security
mailing list