Security Blog

Written by
Chris Larsen

[Note: Links to previous "Shady TLD" posts are collected at the bottom.]

 

Our automated detectors are flagging a lot of spam traffic this week on a relatively new Top Level Domain (TLD): .Date, so I thought it was time to take a closer look.

Written by
Chris Larsen

It's always nice to be able to link separate blog threads...

A month ago, we did a couple of posts about phony tech support scams.

Written by
Chris Larsen, Adnan Shukor

[It's been a couple of months since the last post in our "Shady TLD" series, with plenty of interesting candidates for another expedition, but other R&D kept getting in the way.

Written by
Chris Larsen

I've been meaning to write about a particular PUS (Potentially Unwanted Software) network that I looked at a couple of weeks ago, but there's been a considerably high number of meetings lately (the bane of an engineer's existence)...

Background:

Written by
Chris Larsen

Under my Twitter handle (@bc_malware_guy), I post an occasional "Shady Domain Name of the Day" tweet, featuring my favorite oddball domain names that the Bad Guys create to further their nefarious schemes. (Recent favorites include names like faintheartedsharkoil.info, macadamianutdogma.org, and practicebundlingredbreastedsapsucker.org....)

Written by
Chris Larsen

For part of this week, I've been poking into an attack we blocked last weekend (Saturday, 6/06), and while parts of it were pretty standard, the variety of attack vectors was interesting...

First, the "standard stuff":