….let’s try this again…Blognostication and saving things as drafts seems to have gotten the best of me and munged some previous versions of this post, my apologies – please reread for a slighly less confusing version. — In compiling results from the current revision of Arbor’s recent Infrastructure Security Survey, I’m still not exactly sure [...]
This morning, on one of the malicious activity tracking lists that we subscribe to, someone asked about phishing stats for Q1 2006. I got curious, too, so I ran stats on the feed going into our Active Threat Feed (ATF) phishing policy, and came up with some surprising stats. From 1/26-4/26, we saw about 2700 [...]
Every now and then, malicious or obfuscated JavaScript will appear on the radar, and this is how I’ve developed ways to determine what’s going on. The goals of malicious JavaScript are obvious: exploit a web browser vulnerability. The goals of obfuscated JavaScript are a bit more complicated: get the JavaScript past the filters to direct [...]