Sunday, 28 August 2011

Certainly took them long enough, but having been the latest service to be bombarded and misused by criminals, it seems at least one of the many heavily abused providers has seen sense and cancelled the option to create a free "domain" through them.

If you've been taking note, you'll have noticed the sheer volume of hostnames created on *.co.tv that have been involved in fake meds and exploits.

Saturday, 27 August 2011

And courtesy of my friend Anthony at MalwareURL (and I'm shamefully admitting to not thinking of checking this myself), here comes another 328 of them;

Yet another mass compromise going on recently folks (yep, surprise surprise). This time, the malicious code leads to a URL in the format;

clickme**.fileave.com

Where ** are letters based on the date/time. Yesterday (27th), these were clickmen[a-z].fileave.com, and today these are, rather predictably, clickmeo[a-z].fileave.com.

Yesterday's were reported to both Network Solutions, and to FileAve (
I know it's late folks, and my apologies (better late than never?). Sadly the connection has been rubbish lately (I had a second phone and broadband line installed with another provider Wednesday gone and the current line is being re-provisioned, so should hopefully see the issues vanish).

The hpHOSTS Hosts file has been updated. There is now a total of 189,155 listed hostnames.

If you are NOT

Thursday, 25 August 2011

There's another phish doing the rounds lately it seems, this time targeting Windows Live users.

If you've received an e-mail similar to the following, click "Mark As" > "Phishing Scam" and delete it - DO NOT CLICK THE LINK!

Windows-Live - Account ALERT! - *Re-activate your account* (24-Aug)?

Dear (email address),

We are sending you this e-mail because Microsoft SmartScreen Technology has

Thursday, 11 August 2011

Something evil on 95.168.177.144: reddingtaxcm.com and inferno.name

reddingtaxcm.com is a legitimate domain that is registered at GoDaddy and has been hijacked to serve up malware, hosted on 95.168.177.144 (NetDirekt, Germany but more below..).

The malware appears to be a variant of Vundo / Virtumundo; the infection mechanism looks to be some sort of injection attack on third party sites.

Wednesday, 10 August 2011

A few people asked me to join LinkedIn recently, a site I've avoided like all other social networks for as long as I can remember, and I decided "at least it's not Facebook" (who themselves have now decided to get even worse), so popped over. I already know that social networks can't be trusted, they've proven that time and time again, and now it seems LinkedIn are proving it themselves;

A few updates today folks. Firstly, I've published a new hpObserver release. Nothing special, just a couple of bug fixes.

The hpHosts release has also been delayed due to a worse than rubbish connection, drastically slowing down the validation process (almost 24 hours just to run a DNS validation on 3600 domains (only seems to be DNS affected by the slowdown so far)).

I also noted yesterday

Sunday, 7 August 2011

Version: 0.6.4

Added: List ASN associated with IP.

Fixed: IP formatting when saving to text and there's more than one IP

Download: http://support.it-mate.co.uk/?mode=Products&act=DL&p=hpobserver

Wednesday, 3 August 2011

Just a warning folks, there's a replacement for the now suspended rulesbreacker.com/wsumg.com botnet, and it's mstdpro.com. Resolving to residential IPs and serving exploits and a trojan through URLs such as;

mstdpro.com/mydata/forms/apisrv.php
mstdpro.com/appserver/
mstdpro.com/efs/servlet/military/login.jsp
mstdpro.com/app/bps/main/
mstdpro.com/arc/files/
mstdpro.com/arc/files/archivo.exe
mstdpro.com/