Archive for November, 2008

This BofA Demo Thing Got Big Fast

November 27, 2008 by Jose Nazario

The Obama spam and malcode gang is back at it with a new fast flux phishing and malcode ruse. This time it’s a demo from the Bank of America that requires the classic “Flash Upgrade”.

At the peak I was seeing 400 unique URLs for this run an hour. The URLs were unique strings, possibly for [...]

New OS X Malcode: Not Just a DNSChanger

November 24, 2008 by Jose Nazario

Seems that Apple’s OS X has been taking a minor beating on the malcode front lately, as noted in the blog post New Trojans Strike OS X from CA. I got a copy of it last night and had a look; I wanted to see what the OS X malcode community was up to. The [...]

ThreatIndex Unchanged at 1: MS08-067

November 21, 2008 by Jose Nazario

Symantec has raised their ThreatCon to 2, citing:
The ThreatCon is at level 2. Symantec Threat Management System sensors are observing a dramatic rise in IPs attacking TCP port 445. This activity is [...]

Rogue DNS Servers on the Move

November 20, 2008 by Jose Nazario

Based on our internal malcode analysis, we have been able to identify netblocks of “rogue” DNS servers. These servers seem to hand out the correct answer for proper queries, but for typos they hand out a DNS server that *may* be malicious, it’s not clear to me yet. Clearly this is a concern when you [...]

Inside an RFI Botnet

November 19, 2008 by Jose Nazario

It all began innocently enough; I have been analyzing Apache logs for a while now, and when I spotted an RFI bot that was named “ddos.txt”, you know I had to look. After downloading it and analyzing it, I joined the channel with a copy of Bladerunner and started watching. The net’s been pretty quiet [...]