Security Blog

Leave blank for all. Otherwise, the first selected term will be the default instead of "Any".
Chris Larsen's picture
Written by
Chris Larsen

Looking back on 2015, it was fun to dig into some of the Top Level Domains (TLDs) that are being abused at higher-than-normal rates by the Bad Guys. On the list of TLDs to write about, I've been meaning to look at the ".space" space for many months, chiefly because the name immediately suggested a fun title for the post, based on the iconic 1960s television series:

Chris Larsen's picture
Written by
Jeff Doty

[Update: Since we posted, we've received feedback that this is Neutrino, not Angler -- thanks @kafeine! -- We decided to keep the post up, since the IPs, domains, and traffic patterns are still useful to the community. --C.L.]

 

It always comes when you're on vacation. [I didn't think security guys took vacations...]

Snorre Fagerland's picture
Written by
Snorre Fagerland

 

Chris Larsen's picture
Written by
Chris Larsen

Background

We've been doing a series of blog posts this year [linked at the bottom of this post] on widespread abuse, by a variety of Bad Guys, on many of the new Top Level Domains (TLDs) that are now active on the Internet. (The Internet is at well over a thousand valid TLDs, and counting, as of earlier this summer.)

Chris Larsen's picture
Written by
Chris Larsen

It's Saturday morning, and Halloween to boot, so this will be a short post...

Our logs this morning were showing a number of popular sites being hit by a malvertising attack, providing thousands of leads to a malicious site.

In America:

Chris Larsen's picture
Written by
Chris Larsen

It's the time of year (or almost, depending on your situation) for many people in the United States to start thinking about changes in their health insurance plans.

Not surprisingly, the spammers and scammers of the world are aware of this, and are baiting their hooks with health insurance themed spam.

In recent days, I've been seeing a lot of spam like the following: