Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Libpng exploit / XP SP2 yet / New MyDoom? / More phishing / ISC Webcast / Corporate Policy - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Libpng exploit / XP SP2 yet / New MyDoom? / More phishing / ISC Webcast / Corporate Policy
Libpng Exploit

A post today at Bugtraq Mailing List shows what suppose to be an exploit for Libpng vulnerability released a few days ago.


XP SP2 yet...

So, did you survive to the day after XP SP2? Share your experience with us at .

Microsoft released a document with Top 10 reasons to deploy SP2. Deploy or not? Check it here?

New MyDoom ?

We received two posts asking if we were aware of a New MyDoom variant. According to the posts, the new variant would be spreading over China and would in wild in the next hours. We are not aware of any new worm variant. (YET).

More phishing

More and more phishings everyday. The example bellow was sent by Ryan Barnett. It is a phishing for UsBank and uses two techniques to obfuscate the fake urls:


Decoded -


Decoded -

SANS ISC Webcast

Did you miss todays ISC Webcast? Check the archive at:

Corporate Policy...

Today you will have something extra to watch. Microsoft official MSN Messenger was released. If your corporate policy says that users are not allowed to use IM and you are already blocking the clients, watch out Web based IM. It may bypass some IM filters and allow them in your network.

Some Web Based are well known, as, now . Good luck...!


Handler on Duty: Pedro Bueno (bueno/AT/

155 Posts
ISC Handler
Aug 11th 2004

Sign Up for Free or Log In to start participating in the conversation!