Security Blog

Chris Larsen's picture
Written by
Chris Larsen

In the previous post, I mentioned that several Chinese porn networks were using .faith sites, and that one was particularly interesting. This is the follow-up that explains what it's doing.

Anonymous's picture
Written by
Ashwin Vamshi

As a part of the daily work process, I keep an eye on the latest incoming samples to ensure detection in our Malware Appliance. During this process, an interesting decoy caught my attention.

Chris Larsen's picture
Written by
Chris Larsen

[Note: Links to previous "Shady TLD" posts are collected at the bottom.]

 

Chris Larsen's picture
Written by
Chris Larsen

[Note: Links to previous "Shady TLD" posts are collected at the bottom.]

 

Our automated detectors are flagging a lot of spam traffic this week on a relatively new Top Level Domain (TLD): .Date, so I thought it was time to take a closer look.

Chris Larsen's picture
Written by
Chris Larsen

It's always nice to be able to link separate blog threads...

A month ago, we did a couple of posts about phony tech support scams.

Chris Larsen's picture
Written by
Chris Larsen, Adnan Shukor

[It's been a couple of months since the last post in our "Shady TLD" series, with plenty of interesting candidates for another expedition, but other R&D kept getting in the way.