Thanks to the Websense® ThreatSeekerTM Network, Websense Security Labs recently detected an unusual domain name that we have analyzed. The domain name, "inte1sat", substitutes the number "1" for the lower case letter "l", an example of "leet" substitution that surfaced in the 1980s and is still used today. (Leet is a method of constructing words […]
Analysis: Kevin Savage Following our recent blog post on malicious Web injects, here is an example affecting the distribution of a malicious Android application. This is an example of a traditional type but on a larger scale. Those of us in the security industry are well aware of a certain email address—[email protected]—which registers domains consistently […]
A bit of a shift in spammer tactics here: From: Mohit Girsh [email protected] Date: 12 March 2012 11:54 Dubject: Electronic payments are suspended #08763672 Signed by: yahoo.com Id 57-8033394-13999809-0-895 < !–ZZ 81490908 C hxxp://goo.gl/C9bsq hxxp://goo.gl/C9bsq redirects to hxxp://2ecdn.barelybowler.ru/ which is multihomed: 31.176.195.196 (BH Telecom, Bosnia) 31.181.92.124 (Rostelecom , Russia) 37.99.67.48 (2DAY Telecom, Kazakhstan) 41.108.45.166 […]
Latest Comments