Thursday, November 08, 2007

Go to Sleep, Go to Sleep my Little RBN

Yesterday, Paul Ferguson tipped me on the sudden disappearance of the Russian Business Network . And just like babies have different unde...
Wednesday, November 07, 2007

Electronic Jihad v3.0 - What Cyber Jihad Isn't

It's intergalactic security statements like these that provoked me to do my most insightful research into the topic of what is cyber ji...
Tuesday, November 06, 2007

I See Alive IFRAMEs Everywhere

During the weekend, the entire Newsland.ru which is among the most popular Russian news portals, was marked as as "this site may harm ...
Monday, November 05, 2007

Overperforming Turkish Hacktivists

Last month's Turkish/Sweden hacktivism tensions surprised me mainly because the Swedes responded to the defacements in an entirely dif...

Rebranding a Security Vendor

Rebranding by itself is a tricky process, which if not coordinated at all levels of the enterprise could result in severe channel conflicts ...
Saturday, November 03, 2007

Managed Fast-Flux Provider

Vertical integration in the spamming market means you don't just provide potential customers lists in the form of harvested emails, the ...

Detecting and Blocking the Russian Business Network

Bleeding Edge Threats recently announced the release of some very handy RBN blocking/detecting rulesets : " Call these hosts what yo...
Friday, November 02, 2007

Metaphisher Malware Kit Spotted in the Wild

Such crimeware botnet C&Cs entirely encompassing of banker trojans infected PCs can depress every financial institution's PR depart...

Yahoo Messenger Controlled Malware

IM me a command, master. In the spirit of a previoust post on DIY Exploit Embedding Tools - a Retrospective , here's a very good example...
Tuesday, October 30, 2007

Botnet on Demand Service

Once this "rent a botnet" or "botnet on demand" service depending on the perspective made it in the mainstream press, th...

Possibility Media's Malware Fiasco

After both TrendMicro and Sophos acknowledged the attack on Possibility Media's portfolio of online publications , added detection, fu...
Monday, October 29, 2007

Wisdom of the Anti Cyber Jihadist Crowd

Interesting opinion by Gerald at the Internet Anthropologist Warintel blog : " And I want to call this the "Brilliant civilian s...

Multiple Firewalls Bypassing Verification on Demand

Next to the proprietary malware tools , malware as a web service , Shark2's built-in VirusTotal submission , the numerous malware crypti...
Thursday, October 25, 2007

A Portfolio of Malware Embedded Magazines

This is perhaps my most important discovery of malware embedded sites farm in a while, at least in respect to the potential impact it is cu...
Tuesday, October 23, 2007

Over 100 Malwares Hosted on a Single RBN IP

The never ending Russian Business Network's saga on whether or not they host malware on behalf of their customers enters in an entirely ...

RBN's Fake Security Software

In need of a good example of coordinated CYBERINT so that enough data is gathered before the domains stop responding or get transfered to a...

Ain't That Ugly?

During the weekend I stumbled upon a herbal enlargement domains farm hosted on a single IP (210.52.223.26) on their way to start the spam c...

Introducing Jiglu - Tags That Think

With the idea to make this blog easier to read and much more interactive at the same time, I'm happy to let you know that I've just ...
Monday, October 22, 2007

Empowering the Script Kiddies

What are the chances tools like these, even this one in particular were distibuted to the masses during the Russia vs Estonia DDoS attacks ...
Sunday, October 21, 2007

China's Cyber Warriors - Video

Originally aired on Discovery Channel, this documentary on Chinese hackers is worth watching in the wake of the recent speculations of Chin...