advertisingcommunity-s.com ICANN Registrar: DIRECTI Created 2 November 2009 IP: 217.23.10.16 – Worldstream, Netherlands. Registrant hidden behind Privacy Protect, dedicated hosting. Implicated in malvertizing incidents before: http://www.mywot.com/en/scorecard/advertisingcommunity-s.com ***** adrime.net ICANN Registrar: ENOM, INC Created 18 November 2009 IP: 64.27.26.81 – Calpop.com Inc, Los Angeles Registration Service: director@climbing-games.com (www.ruler-domains.com) – a familiar name and email address; see […]
“The point is that I was dumb enough to think that Ubuntu was secure enough out here in the Linux wonderland that I love so much that I ended up on gnome-look downloading everything that looked cool without examining everything first.” The quote is taken from a thread about a “screensaver” for Ubuntu, sourced […]
All of the following domains list XINNET as the Registrar: worldofwaracrft.com (created 15 November 2009) IP: 98.126.210.19 – Krypt Technologies worldofwaruraft.com (created 24 December 2009) IP: 174.139.248.82 – Krypt Technologies Sharing IP with worldofwancraft.com (created 17 December 2009) worldofwrracraft.com (created 27 December 2009) IP: 98.126.122.67 – Krypt Technologies worldofwarcraft-account-instructions.com (created 27 December 2009) […]
Go to https://twitter.com/signup, right click the page, and then select “View Page Source” (FF/Google Chrome) or “View Source” (IE). There, in all its glory, you will find Twitter’s list of forbidden passwords (all credit to Sophos who pointed out that the list was available for all to see). For what its worth, I have long […]
Wayne Small, the owner of sbsfaq.com called me today and asked me to look into a malvertizing incident that he experienced while at tweetmeme.com. You can see his report here. I have not been able to reproduce the behavior that Wayne saw thus far, but do note that tweetmeme seems to be using openx. […]
See here: http://matchent.com/wpress/?q=node/500 What is interesting is the IP address that the author of the blog post cites as the source of the trouble – 72.167.232.86. 72.167.232.86 belongs to GoDaddy (p3nlh036.shr.prod.phx3.secureserver.net). The server at that IP is host to over 4,000 web sites. As for how Silent Noise was hacked – that I […]
cdn-adrotation.com cdn-businessweek.com cdn-gamingahead.com cdn-justin.tv cdn-ovguide.com cdn-thestreet.com cdn-transworld.net cdn-veoh.com pdnads.com The Registrants are all hidden behind Domains By Proxy, Inc, all domains are hosted at IP 74.81.169.61 (carohosting.net), all were registered using Godaddy, and all were created on 14 July 2009. All are using name servers at softdreams.eu softdreams.eu was registered on 6 February 2009 to […]
Security updates have been released – details here: http://www.adobe.com/support/security/bulletins/apsb09-19.html After updating your Flash version should be 10.0.42.34 and your Air version should be 1.5.3
I saw this screenshot at the Panda Software blog. The author of the blog post wrote that the replica of the Windows 7 explorer shell displayed by the fraudware site was “devilishly deceiving and might even fool an expertly trained eye”. I would hope that an “expertly trained eye” would spot the fact that the […]
If you have ever wondered how long it takes to install an ATM skimmer, check this movie out (yes the crook was caught red handed) http://www.liveleak.com/view?i=074_1252777692