Tag: server
-
Taking the Red Pill Down the Rabbit Hole
I’ve been contemplating a title for this post for a long time, eventually I decided to merge two of my favorites (and leave the third alone: looking for the cuckoo’s egg). Basically, after a couple of weeks of almost nonstop work on a major research project (hence the relatively quiet blog), and some major news…
-
Neosploit – The rumors of my demise have been greatly exaggerated
Despite being reported as “out of business†in late July/August, (see this blog, and this article as well), Neosploit, one of the most widely used tools by cybercriminals, clearly hasn’t ceased to exist . In fact, we have recently confirmed a highly enhanced Neosploit 3.1 installation to be out and about, and serving Malweb to…
-
Crimeware server catering to “grab and run†criminals
During our research for the latest Malicious Page of the Month that has just been released, we came across a domain that was being used as a command and control for the Crimeware that was executed on attacked machines. This domain was also used as the “drop site†for private information being harvested by that…
-
On the (dis)merits of privacy
Following up on my last post, after filing a complaint with the abuse department of privacyprotect.org (and blogging about the problem), I have just received an update noting that: –quote– On investigating on your complaint , we have determined that the domain name “SPYWARESAFE.NET ” is in violation of the terms of usage of the…
-
Taking down a malicious site – the good, the bad, and the ugly…
As part of the “closure” on the February Malicious Page of the Month, which involved meoryprof.info (taken down), and spywaresafe.net we have contacted the appropriate parties in order to notify them that these websites contain malicious code. Meoryprof.info was the first to buckle (probably under the press exposure), but spywaresafe.net have managed to stay afloat…