Just when you thought it was safe to run IIS...

Maybe CERT-FI is following in the footsteps of US-CERT (free tip for you guys: 300 bps is obsolete!), which is why it's taken them eight months to say anything about this, but there is a particularly interesting worm that attacks Windows crawling around on the Net called Allaple-A which is remarkably subtle for an infectious agent. First of all, it's polymorphic, meaning that it rewrites parts of itself whenever it spreads, which makes it difficult for antivirus software to find and kill it. At first, it spread by bruteforcing passwords against the Radmin service and open network shares, but there …

Read more...