Thursday, 26 April 2012

I am pleased and proud to announce the historical records database has passed the 5 million record mark.

Rather predictably, this has happened whilst I've been down in London for InfoSec (here until later today), so no idea when it actually happened - I'm just happy to see it's happened!

I know it sounds like a cliché, but I'd like to say thank you again to those of you using hpHosts, as

Friday, 20 April 2012

Looks like the Blackhole folk are branching out from the usual LinkedIn etc. e-mails leading to the Blackhole exploit.

Nothing new as far as the URLs and payloads themselves, but found this interesting so figured I'd pop a note on here about it.


Exported by: Outlook Export v0.1.9


From: AT&T Customer Care
E-mail:icare7@amcustomercare.att-mail.com [ - Invalid IP was passed to me ]
Date: 20/04

Having been suspended from more hosts than I care to remember, Blackshades are on the move again today, having been suspended from Snelis.

Their new IP belongs to Staminus, and you'll want to get it blackholed before they get the site live again.

72.8.190.93

Domains:

bshades.eu
blackshades.net
blackshades.ru
livetrafficid.biz
livetrafficid.org

The latter two are still showing their DNS


Okay, so I couldn't come up with a decent title, but the content is nevertheless interesting. For those not already familiar with it anyway.

As usual, this only covers the basic things needed to determine where it's going.

In short, myself and my friend and fellow MDL admin, Holger, were sent a URL via the Malware Domain List contact form, letting us know the user had picked up a rather nasty

Sunday, 8 April 2012

I received an e-mail on Feb 6th (yes I know, that was two months ago, but bear with me), claiming to be from Liberty Reserve. As I have Outlook show all e-mail in plain text, I didn't see what was going on at first. I fired up Pocketknife Peek, which allows the showing of headers and such, and looked at the original HTML version - which showed exactly what was going on - Liberty Reserve's own

Saturday, 7 April 2012

I already don't trust politicians, never have - they're well known for nothing but lying, but spamming? Is Jeremy Stinson really that desperate?

Stinson 2012

Dear Colleagues & Associates, Having been involved in public service since 1997, I have long worked for positive change in Maryland. My family and I now feel that the time has come

Friday, 6 April 2012

The hpHOSTS Hosts file has been updated. There is now a total of 197,290 listed hostnames.

If you are NOT using the installer, please read the included Readme.txt file for installation instructions.

Enjoy! :)

Latest Updated: 06/04/2012 08:00
Last Verified: 05/04/2012 04:00

Download hpHosts now!
http://hosts-file.net/?s=Download