Saturday, 31 December 2011
17:12
nam tóc xù
I know it's not 2012 everywhere yet, but it is here, so happy new year everyone! 2011 has been an exceptionally strange, and sometimes downright frustrating year, and I doubt 2012 will be any different as I don't foresee some of the hosting companies'/registrars' attitudes changing, nor do I see ICANN or Ripe/Arin et al, getting off their backside and doing their damn job for a change. However, 2011
Friday, 30 December 2011
01:34
nam tóc xù
The hpHOSTS Hosts file has been updated. There is now a total of 230,392 listed hostnames.
If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy! :)
Latest Updated: 29/12/2011 00:15
Last Verified: 28/12/2011 22:33
Download hpHosts now!
http://hosts-file.net/?s=Download
Wednesday, 28 December 2011
Wednesday, 21 December 2011
12:03
nam tóc xù
Ransomware, the practice of providing fake notifications that “you’re infected” and then selling a fake solution that removes the fake malware they just installed, has been a boon for scammers. Now, they’re taking it a step farther, and throwing in a law enforcement scare. This time, an official-looking banner pops up, purporting to be from various law enforcement agencies, localized by region,
Friday, 9 December 2011
21:40
nam tóc xù
I am assisting a friend at present, with an issue involving IPs constantly attacking his servers, and noted during one of his recent updates, that a lot of them were HostNOC - turns out, there's quite the list of them (ignoring the others from known criminal networks). All are RFI etc, and all are already being blocked by ZBBlock (a script written by my friend Zaphod). The problem here, is HostNOCs
12:21
nam tóc xù
This one came in whilst I was asleep, no JS MITMs this time, just the link in the e-mail that uses a meta refresh to redirect you to the domain housing the Blackhole exploit itself;
Hello,
Shipping Confirmation
Order # 651-5411744-0155168
Your estimated delivery date is:
Tuesday, December 13, 2011
Track your package
Thursday, 8 December 2011
22:29
nam tóc xù
This one came in an e-mail claiming to be from Facebook, with the usual social engineering rubbish;
facebook
Hi,
You haven't been back to Facebook recently.
You have received notifications while you were gone.
1 message
11:55
nam tóc xù
This little chap arrived in my spam box today, and almost got overlooked (I was checking the newest e-mails leading to the Blackhole exploit (one of which, couldn't decide if it was from LinkedIn or the FDIC)), and not surprisingly, is fake. The payload, all 593KB of it, infects the unwitting victim with the SpyEye trojan. VT detection is utterly rubbish of course - only 2 vendors detecting
Monday, 5 December 2011
10:01
nam tóc xù
I received a comment to the 2009 blog. This one houses a variation of the MO used that I outlined in part 1 (was not going to be a part 2, but it's got a few changes that warranted it).
The MO in this case, is;
1. Site A
2. Exploit
There's no MITMs this time. There's also a slight change in the code used on the exploit page itself, though curiously, it's even easier to decode than the last one (only
03:01
nam tóc xù
For those wondering and not yet aware. The latest incarnations coming via e-mail have changed MO - the link to the exploit itself, isn't directly in the e-mail anymore. Instead, it goes via;
1. Site A
2. 4 x MITMs
5. Exploit site
In this case;
cadcamengineers.com/6ebc21/index.html
-> napaul.com/statcounters.js
-> proplastics.rs/statcounters.js
-> rodns.eu/statcounters.js
-> sashandbow.com.au/
Popular Posts
- Infection Summary Spam emails to redirector landing page. Redirector Page: lincolnlutheran.org/mail.htm / 67.222.108.81 PluginDetect/BHEK: ...
- You've probably noticed by now that the server that houses it-mate.co.uk and forum.avantbrowser.com (amongst others), is down and has be...
- *) This post is dedicated to MalwareMustDie Malware Crusaders team involved! Maybe some of you read our previous blog ( HERE ) when we crack...
- This is a quick memo of a crusade event, our encounter notes with CritXPack Exploit Kit, I think this will help others, so I dare to make do...
- Had to pay an extra £70, but I'm going to be back tonight, so it's worth it (train leaves in 6 mins), saves me spending 10 hours at ...
- Whether it's those god awful "fake surveys" that you can rarely get through to get the "leet crack", "free iPho...
- I have had a few users telling me they were having problems both contacting me, and using the SBST. One user narrowed it down to undisposabl...
- I am following the steps of infection of ONE spam mail which lead to a sophisticated exploit kit which dropped MANY malwares, during infecti...
- I do sometimes wonder what some of the folks over at Microsoft are smoking. Sure, they're mostly obsessed with "social media" ...
- We ran into the bunch of url as per hinted by our friend→ @abhinavbom (with Thanks!) accountpro001.ru/flow08.php accountpro002.ru/flow08.p...
Blog Archive
- 2011 (108)
- December (10)
- Happy New Year!
- hpHOSTS - UPDATED 29th December 2011
- hpHosts server issues
- Ransomware impersonating law enforcement
- Dear HostNOC - your servers are attacking a friend!
- Blackhole exploit: For those wondering, Part 4 - N...
- Blackhole exploit: For those wondering, Part 3 - F...
- Fake Firefox e-mail leading to SpyEye trojan
- Blackhole exploit: For those wondering, Part 2
- Blackhole exploit: For those wondering