WSAZ Apologizes.
Moderators: Hoosier Daddy, The People's DJ, Arp2
- genlock
- Moderator
- Posts: 5867
- Joined: Fri Dec 21, 2001 4:09 pm
- Location: OW
WSAZ Apologizes.
WSAZ's Amanda Barren apologized at the top of the newscast for a "virus" that is affecting grafx, captioning and a lot of other stuff. Amanda indicated that the "virus" reached WSAZ via the parent company, Gray Broadcasting.
I wonder if the computer people were able to be located to be called out to fix it. I wonder if someone just crashed the newsroom system and couldn't get it to re-boot properly.
The newscast ended at 6:18pm.
I wonder if the computer people were able to be located to be called out to fix it. I wonder if someone just crashed the newsroom system and couldn't get it to re-boot properly.
The newscast ended at 6:18pm.
- square_enix
- Newbie
- Posts: 9
- Joined: Wed Dec 31, 2003 2:03 am
- Location: Hunt Town
Yeah, The Virus knocked down all of our Windows 2000 Systems and servers that were tied to the GRAY network.
2 Of Grays TV stations were knocked completely off the Air because of the Virus.
We thought it was a pure inside job until we discovered WOWK-TV had also been hit by the Virus.
As far as Newsroom went, We lost ENPS, Internet, and Email.
A Fun Evening all around.
2 Of Grays TV stations were knocked completely off the Air because of the Virus.
We thought it was a pure inside job until we discovered WOWK-TV had also been hit by the Virus.
As far as Newsroom went, We lost ENPS, Internet, and Email.
A Fun Evening all around.
- fearpeddler
- Member
- Posts: 1662
- Joined: Mon Jul 10, 2006 8:27 pm
- square_enix
- Newbie
- Posts: 9
- Joined: Wed Dec 31, 2003 2:03 am
- Location: Hunt Town
As of right now,
We still have the virus in house. And continue to operate on a skeleton system.
Name of the Virus, I dont know that yet.
We still have the virus in house. And continue to operate on a skeleton system.
Name of the Virus, I dont know that yet.
"Look at this place, fifty-thousand people used to live in this city, now it's a ghost town. I've never seen anything like it." : Captain Macmillan {In reference to Pripyat Ukraine}
-
- Member
- Posts: 887
- Joined: Fri Aug 09, 2002 8:41 am
- Location: Birmingham Ala-BAMA!
- Contact:
It a virus that piggybacks on .ani animated cursor files - either via e-mail or embedded in webpages.square_enix wrote:As of right now,
We still have the virus in house. And continue to operate on a skeleton system.
Name of the Virus, I dont know that yet.
We're on holy-crap lock-down on our servers too.
Hopefully, there will be a patch this week.
Norton has the following:
ThreatCon Level is 2
The ThreatCon has been raised to level 2. A new, zero-day attack that exploits an unpatched vulnerability in the way Microsoft Windows handles Animated Cursor (ANI) files has been discovered in the wild. The malicious ANI files are most likely to be hosted on websites. When a victim visits a site, arbitrary code may run. Microsoft has confirmed the issue and is currently planning to issue a Security Update. An exploit code leveraging the vulnerability has been released publicly. Since the exploit works independently of the file extension, blocking ANI files would not mitigate the issue. A self propagating, worm-like variant of the exploit has also been reported, which propagates links to websites hosting malicious ANI files. It is being detected as W32.Fubalca by Symantec AntiVirus. Customers are advised to block the following domains which are known to host the exploit and keep their AntiVirus definitions up-to-date. 1.520sb.cn 220.71.76.189 222.73.220.45 55880.cn 81.177.26.26 85.255.113.4 bc0.cn count12.51yes.com count3.51yes.com d.77276.com fdghewrtewrtyrew.biz i5460.net jdnx.movie721.cn newasp.com.cn s103.cnzz.com s113.cnzz.com ttr.vod3369.cn uniq-soft.com wsfgfdgrtyhgfd.net 04080.com 33577.cn h3210.com hackings.cn koreacms.co.kr macrcmedia.com macrcmedia.net ncph.net xxx.cn 2007ip.com microfsot.com Microsoft Security Advisory (935423): Vulnerability in Windows Animated Cursor Handling (http://www.microsoft.com/technet/securi ... 35423.mspx
------------------------
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
-
- Member
- Posts: 1859
- Joined: Fri Apr 14, 2006 8:22 am
- Location: Nowhere near Wheeling, thank you Jesus!
-
- Member
- Posts: 887
- Joined: Fri Aug 09, 2002 8:41 am
- Location: Birmingham Ala-BAMA!
- Contact:
Start adding these forbidden domains to your router's firewalls before the sales-geeks open their mail Monday:
1.520sb.cn
220.71.76.189
222.73.220.45
55880.cn
81.177.26.26
85.255.113.4
bc0.cn
count12.51yes.com
count3.51yes.com
d.77276.com
fdghewrtewrtyrew.biz
i5460.net
jdnx.movie721.cn
newasp.com.cn
s103.cnzz.com
s113.cnzz.com
ttr.vod3369.cn
uniq-soft.com
wsfgfdgrtyhgfd.net
04080.com
33577.cn
h3210.com
hackings.cn
koreacms.co.kr
macrcmedia.com
macrcmedia.net
ncph.net xxx.cn
2007ip.com
microfsot.com
1.520sb.cn
220.71.76.189
222.73.220.45
55880.cn
81.177.26.26
85.255.113.4
bc0.cn
count12.51yes.com
count3.51yes.com
d.77276.com
fdghewrtewrtyrew.biz
i5460.net
jdnx.movie721.cn
newasp.com.cn
s103.cnzz.com
s113.cnzz.com
ttr.vod3369.cn
uniq-soft.com
wsfgfdgrtyhgfd.net
04080.com
33577.cn
h3210.com
hackings.cn
koreacms.co.kr
macrcmedia.com
macrcmedia.net
ncph.net xxx.cn
2007ip.com
microfsot.com
------------------------
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
-
- Member
- Posts: 887
- Joined: Fri Aug 09, 2002 8:41 am
- Location: Birmingham Ala-BAMA!
- Contact:
Whoops, almost forgot...daveinthemorning wrote:BTW I think Adam Joesph is long gone from WSAZ. Speaking of WSAZ, Cameron, don't you have a picture to post for Nunley?
------------------------
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
Cameron Smith - CSRE®
Senior Member - SBE 68 Birmingham
Senior Digital Product Manager - Hibbett Sports|City Gear
- fearpeddler
- Member
- Posts: 1662
- Joined: Mon Jul 10, 2006 8:27 pm
- square_enix
- Newbie
- Posts: 9
- Joined: Wed Dec 31, 2003 2:03 am
- Location: Hunt Town
According to sources:
WOWK-TV also got it.
On Good News, SAZ's systems are slowly returning to an Online State.
"VIRUS WATCH 07" is hopefully over...
WOWK-TV also got it.
On Good News, SAZ's systems are slowly returning to an Online State.
"VIRUS WATCH 07" is hopefully over...
"Look at this place, fifty-thousand people used to live in this city, now it's a ghost town. I've never seen anything like it." : Captain Macmillan {In reference to Pripyat Ukraine}
-
- Newbie
- Posts: 6
- Joined: Thu Feb 05, 2004 9:54 pm
Not sure who your sources are but as fas as i am aware of no WV media stations have been hit with this virus... all IT and engineering staff at WV Media stations were notified as soon as word got out that WSAZ-TV got hit... and everyone took a very proactive stance in light of this situation.
It is unfortunate that many news outlets that use enps and other hardware/software combinations that are forced to use older operating systems that Microsoft does not release patches in a timely manner.
It is unfortunate that many news outlets that use enps and other hardware/software combinations that are forced to use older operating systems that Microsoft does not release patches in a timely manner.
-
- Member
- Posts: 30
- Joined: Mon Dec 08, 2003 2:22 pm
Virus Story from FTV
Computer Virus causes Havoc at WSAZ
A vulnerability in Microsoft Windows operating system apparently allowed a potent virus to penetrate the computer systems at WSAZ (West Virginia).
It happened early Saturday morning just before "NewsChannel 3 Sunrise" went on the air at 6am.
According to information technology (IT) professionals at WSAZ, it appears a "zero day attack" is the source of the problems, affecting the station's critical systems.
According to Wikipedia, a zero day attack is "a computer threat that exposes undisclosed or unpatched computer application vulnerabilities. Zero-day attacks can be considered extremely dangerous because they take advantage of computer security holes for which no solution is currently available."
The systems affected include the station's graphics, closed captioning, and many other computer applications that help bring a newscast to air. Despite these hurdles, WSAZ still aired newscasts as scheduled Saturday at 6am and 6pm, although the latter was shortened from 30 to 18 minutes.
The vulnerability was announced on Wednesday, March 28. According to Microsoft, a "hole" in certain versions of Microsoft Windows could allow an attacker to remotely run programs on some computers if the user accesses certain websites that contain malicious code.
Right now, Microsoft has not released a fix for the vulnerability in its software.
The same attack has also caused significant issues at other television stations owned by WSAZ's parent company, Gray Television. A computer security website reports that this system flaw has reached "highly severe" status.
Despite the system problems, WSAZ will continue to bring you up-to-date, live newscasts.
A vulnerability in Microsoft Windows operating system apparently allowed a potent virus to penetrate the computer systems at WSAZ (West Virginia).
It happened early Saturday morning just before "NewsChannel 3 Sunrise" went on the air at 6am.
According to information technology (IT) professionals at WSAZ, it appears a "zero day attack" is the source of the problems, affecting the station's critical systems.
According to Wikipedia, a zero day attack is "a computer threat that exposes undisclosed or unpatched computer application vulnerabilities. Zero-day attacks can be considered extremely dangerous because they take advantage of computer security holes for which no solution is currently available."
The systems affected include the station's graphics, closed captioning, and many other computer applications that help bring a newscast to air. Despite these hurdles, WSAZ still aired newscasts as scheduled Saturday at 6am and 6pm, although the latter was shortened from 30 to 18 minutes.
The vulnerability was announced on Wednesday, March 28. According to Microsoft, a "hole" in certain versions of Microsoft Windows could allow an attacker to remotely run programs on some computers if the user accesses certain websites that contain malicious code.
Right now, Microsoft has not released a fix for the vulnerability in its software.
The same attack has also caused significant issues at other television stations owned by WSAZ's parent company, Gray Television. A computer security website reports that this system flaw has reached "highly severe" status.
Despite the system problems, WSAZ will continue to bring you up-to-date, live newscasts.