RSS Feed
TwitterCertainly took them long enough, but having been the latest service to be bombarded and misused by criminals, it seems at least one of the many heavily abused providers has seen sense and cancelled the option to create a free "domain" through them.If you've been taking note, you'll have noticed the sheer volume of hostnames created on *.co.tv that have been involved in fake meds and exploits....
Chủ Nhật, 28 tháng 8, 2011
Thứ Bảy, 27 tháng 8, 2011
20:49
nam tóc xù
And courtesy of my friend Anthony at MalwareURL (and I'm shamefully admitting to not thinking of checking this myself), here comes another 328 of them;http://clickmeaa.fileave.com/http://clickmeab.fileave.com/http://clickmeac.fileave.com/http://clickmead.fileave.com/http://clickmeae.fileave.com/http://clickmeaf.fileave.com/http://clickmeag.fileave.com/http://clickmeah.fileave.com/htt...
18:39
nam tóc xù
Yet another mass compromise going on recently folks (yep, surprise surprise). This time, the malicious code leads to a URL in the format;clickme**.fileave.comWhere ** are letters based on the date/time. Yesterday (27th), these were clickmen[a-z].fileave.com, and today these are rather predictably, clickmeo[a-z].fileave.com.Yesterdays were reported to both Network Solutions, and to FileAve...
15:18
nam tóc xù
I know it's late folks, and my apologies (better late than never?). Sadly the connection has been rubbish lately (I had a second phone and broadband line installed with another provider Wednesday gone and the current line is being re-provisioned, so should hopefully see the issues vanish).The hpHOSTS Hosts file has been updated. There is now a total of 189,155 listed hostsnames.If you are ...
Thứ Năm, 25 tháng 8, 2011
22:38
nam tóc xù
There's another phish doing the rounds lately it seems, this time targetting Windows Live users.If you've received an e-mail similar to the following, click "Mark As" > "Phishing Scam" and delete it - DO NOT CLICK THE LINK!Windows-Live - Account ALERT! - *Re-activate your account* (24-Aug)?Dear (email address),We are sending you this e-mail because Microsoft SmartScreen Technology has...
Thứ Năm, 11 tháng 8, 2011
15:56
nam tóc xù
Something evil on 95.168.177.144: reddingtaxcm.com and inferno.namereddingtaxcm.com is a legitimate domain that is registered at GoDaddy and has been hijacked to serve up malware, hosted on 95.168.177.144 (NetDirekt, Germany but more below..).The malware appears to be a variant of Vundo / Virtumundo, the infection mechanism looks to be some sort of injection attack on third party sit...
Thứ Tư, 10 tháng 8, 2011
20:30
nam tóc xù
Few people asked me to join LinkedIn recently, a site I've avoided like all other social networks for as long as I can remember, and I decided "at least it's not Facebook" (who themselves have now decided to get even worse), so popped over. I already know that social networks can't be trusted, they've proven that time and time again, and now it seems LinkedIn are proving it themselv...
12:46
nam tóc xù
A few updates today folks. Firstly, I've published a new hpObserver release. Nothing special, just a couple of bug fixes.The hpHosts release has also been delayed due to a worse than rubbish connection, drastically slowing down the validation process (almost 24 hours just to run a DNS validation on 3600 domains (only seems to be DNS affected by the slowdown so far)).I also noted yesterday...
Chủ Nhật, 7 tháng 8, 2011
Thứ Tư, 3 tháng 8, 2011
18:30
nam tóc xù
Just a warning folks, there's a replacement for the now suspended rulesbreacker.com/wsumg.com botnet, and it's mstdpro.com. Resolving to residential IPs and serving exploits and a trojan through URLs such as;mstdpro.com/mydata/forms/apisrv.phpmstdpro.com/appserver/mstdpro.com/efs/servlet/military/login.jspmstdpro.com/app/bps/main/mstdpro.com/arc/files/mstdpro.com/arc/files/archivo.exemstdpro.c...
Đăng ký:
Bài đăng (Atom)
