Archive for February, 2009

Clustering Fast Flux Networks Through Content Hashing

February 14, 2009 by Jose Nazario

I’ve spent some time recently looking at how to improve our visibility into fast flux botnets by adding additional data. The discovery of such botnets usually yields an interesting gold mine of other nefarious activity. To do so, I’m now combining the fast flux data from ATLAS with other data sources to grow its view. [...]


The Conficker Cabal Announced

February 12, 2009 by Jose Nazario

Today Microsoft announced a broad industry alliance to combat Conficker, the savage Windows worm taking advantage of MS08-67. The Conficker group isn’t going to be formed; it’s been happening for a while now. This is just the public announcement (and also of a quarter million dollar bounty for whoever is behind it). Conficker has affected [...]


Metasploit And Other Sites DDoSed

February 11, 2009 by Jose Nazario

At about 12:52 PM Feb 7th, HD Moore (leader of the Metasploit project) twittered “heh, metasploit.com is being DDoS’d again”. A little while later he pointed to a traffic graph and asked, “see if you can pick out the DDoS”. Hint: it’s obvious. He later started blogging the incident: On Friday, starting around 9:00pm CST, the [...]
