[Mimedefang] Add the .iso extension to the forbidden list
Kevin A. McGrail
KMcGrail at PCCC.com
Wed Jun 26 18:30:44 EDT 2019
On 6/26/2019 6:25 PM, Kenneth Porter wrote:
>
> <https://www.zdnet.com/article/this-phishing-campaign-uses-an-odd-tactic-to-infect-windows-pcs-with-two-forms-of-trojan-malware/>
>
>
> The attackers are spreading malware as executables in small ISO disk
> images.
>
> I'm adding iso to $bad_exts in filter_bad_filename.
Interesting. We've seen this attack vector for years. You are welcome
to look at our blocked attachment list at
https://raptor.pccc.com/raptor.cgim?template=raptor_attachment_stripped
including information about why we blocked it.
Regards,
KAM
More information about the MIMEDefang
mailing list