Hi Scott,

Thanks for sharing this; I must admit having missed it in a different community discussion back in May. We're running down the indicators of compromise now and will work this into our alerting scheme as best we can.


Cheers,

-sth

--
Sam Hooker | [log in to unmask]
Information Security Engineer
Enterprise Technology Services
The University of Vermont


On 20150701, at 08:51, Scott E Turnbull <[log in to unmask]> wrote:

> A pointer to an article about the existence of a corrupted PuTTY build ran through my feeds, today.
> 
> http://blog.fortinet.com/post/like-putty-in-a-hacker-s-hands
> 
> Apparently this was identified in the wild a couple of years ago, and there are various security filters that have been used in different places to prevent downloads, catch errant network activity, etcetera.
> 
> I know that PuTTY is on the UVM software download page.
> 
> https://www.uvm.edu/software/magicscript.php?platform=Windows
> 
> Have there been any explicit actions on the UVM network taken to identify/intercept the bogus PuTTY activity described in the fortinet article?
> 
> 
> -- 
> Scott Turnbull
> EPSCoR Software Engineer