Another item in the post-vacation queue for the blog is an update on the big Fake AV attack we posted about at the beginning of the month. From last Friday's logs, I pulled data on one sample server. Here's what it had been up to: – 2400+ URLs in the week from 4/13 (when it […]
After intercepting one of the domain names used by the Flashback/Flashfake Mac Trojan and setting up a special sinkhole server last Friday, we managed to gather stats on the scale and geographic distribution of the related botnet. We published information on this in our previous blog entry. We continued to intercept domain names after setting […]
Last week Kahu Security blogged about Escalating Java Attacks. Kahu’s post dissects two Java exploits. The first exploit targets CVE-2012-0507, the latest Java vulnerability that’s been seen being exploited in the wild. This vulnerability was patched (for Windows) by Oracle in February 2012. I found the second exploit to be more interesting. It clearly appeared […]
Latest Comments