SEARCH RESULTS
 
Showing 1-8 of 8 records
1
 
Expand article

Phishing Emails Generating Botnet Scaling

The Article has images
2008-04-18 14:57:30 by HASH0x8aef3f0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.ns4.ns2.ns3.id759.com ns3.ns1.id759.com ns1.ns2.ns1.ns4.ns2.ns3.id759.com ns1.ns2.ns3.id759.com ns1.ns2.ns4.id759.com ns1.ns4.ns4.ns2.ns3.id759.com ns2.id759.com ns2.ns1.ns2.ns3.id759.com ns2.ns1.ns2.ns4.id759.com ns3.ns2.ns1.ns2.ns3.id759.com ns4.ns1.ns1.ns2.ns3.id759.com Yet another internal nameservers ecosystem within the...
 
Tags: bank, bank digital, ns1, bank bankline, ns2, bank internet, malware, malware variants signal, botnet
 
 
 
 
Expand article

A Diverse Portfolio of Fake Security Software

The Article has images
2007-12-07 15:16:07 by HASH0x89688e0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.bestsellerantivirus.com ns2.bestsellerantivirus.com ns3.bestsellerantivirus.com ns4.bestsellerantivirus.com ns1.onerateld.com ns2.onerateld.com Main portfolio domain farm IPs 87.117.252.11 85.12.60.22 85.12.60.11 85.12.60.30 Laziness on behalf of the malicious parties in this campaign, leads to better detection rate, thus, they didn't...
 
Tags: domains portfolio, domains, portfolio, sample domains portfolio, fake security software, software, onerateld, content, exe
 
 
 
 
Expand article

Update on the MySpace Phishing Campaign

The Article has images
2007-12-10 21:50:56 by HASH0x899feb4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.4980603.com Name Server: ns2.4980603.com Name Server: ns3.4980603.com Name Server: ns4.4980603.com Here's more coverage courtesy of the ISC assessing a previous state of the campaign in the form of different domain names used Two primary infection vectors have been observed providing us with unique insight into the life cycle involved...
 
Tags: myspace, fast-flux networks, fast-flux, attack vectors include, campaign, server, attack, exploit content results, primary infection vectors
 
 
 
 
Expand article

The Continuing .Gov Blackhat SEO Campaign - Part Two

The Article has images
2008-02-25 08:42:20 by HASH0x8b54014 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.viagrabestprice.info ns2.viagrabestprice.info officialmedicines.us pharm-shop.net thecanadianpharmacymeds.com viagrabestprice.info viagraforlove.com xdrugpill.com This is perhaps the perfect moment to clarify that the appropriate people responsible for auditing and securing these hosts, are already doing their forensics job and are...
 
Tags: seo content, invisible seo content, pages, seo pages, content, military affairs, homecare, gov, national homecare council
 
 
 
 
Expand article

Loads.cc's DDoS for Hire Service

The Article has images
2008-03-11 21:35:53 by HASH0x8b581c0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.4wap.org as DNS server provided by Layered Technologies again confirming the Russian Business Network connection since, both, Layered Technologies and SoftLayer are known to have been and continue providing services to the RBN, knowingly or unknowingly. Moreover, the malware infected counter at the stats section continues reporting new...
 
Tags: ddos, service, malware, services, hire services, web based malware, undercover ddos, loads, country
 
 
 
 
Expand article

Massive IFRAME SEO Poisoning Attack Continuing

The Article has images
2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...NS1.LAYEREDTECH.COM NameServer: NS2.LAYEREDTECH.COM Comment: abuse@layeredtech.com 195.225.178.21 route: 195.225.176.0/22 descr: NETCATHOST (full block mnt-routes: WZNET-MNT mnt-routes: NETCATHOST-MNT origin: AS31159 notify: vs@netcathost.com remarks: Abuse contacts: abuse@netcathost.com 89.149.243.201 inetnum: 89.149.241.0 -...
 
Tags: massive, single massive seo, profile sites, profile sites iframe, attack, seo, malware, malware attack, massive blackhat seo
 
 
 
 
Expand article

Money Mule Recruiters use ASProx's Fast Fluxing Services

The Article has images
2008-07-18 06:23:49 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns10.cashtransfers.tk ns11.cashtransfers.tk ns1.cashtransfers.tk ns12.cashtransfers.tk ns2.cashtransfers.tk ns13.cashtransfers.tk ns3.cashtransfers.tk ns14.cashtransfers.tk ns4.cashtransfers.tk ns15.cashtransfers.tk ns5.cashtransfers.tk ns16.cashtransfers.tk ns6.cashtransfers.tk ns17.cashtransfers.tk ns7.cashtransfers.tk ns8.cashtransfers.tk...
 
Tags: fast, fast flux networks, money, fast-flux, cashtransfers, fast flux provider, fast flux spam, transfer money, fast-flux infrastructure
 
 
 
 
Expand article

The Russia vs Georgia Cyber Attack

The Article has images
2008-08-11 19:35:55 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...ns1.guagaga .net ns2.guagaga .net ohueli .net pizdos .net googlecomaolcomyahoocomaboutcom.net Actual command and control locations a-nahui-vse-zaebalo-v-pizdu .com/a/nahui/vse/zaebalo/v/pizdu prosto.pizdos .net/ lol Consider going through the complete coverage of what's been happening during the weeked. Considering the combination of...
 
Tags: georgia cyber attack, cyber attack, attack, georgia, georgia president, russian, russian web, ddos attack, russian hackers
 
 
 
 
 
Showing 1-8 of 8 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia