Author: Perry Varanoid

Shellshock via SMTP, (Fri, Oct 24th) 0

Shellshock via SMTP, (Fri, Oct 24th)

Ive received several reports of what appears to be shellshock exploit attempts via SMTP. The sources so far have all be webhosting providers, so Im assuming these are compromised systems.” /> The payload is an IRC perl bot with simple DDoS commands and the ability to fetch and execute further code

Are you receiving Empty or "Hi" emails?, (Fri, Oct 24th) 0

Are you receiving Empty or "Hi" emails?, (Fri, Oct 24th)

I wanted to perform a little unscientific information gathering, Im working with a small group who think theyre being specifically targeted by these, while I think its more widespread and opportunitistic. If youve recently received these no content probe emails, or a simple Hi message, please send a simple comment below in this format: Industry Order of magnitued in size ( e.g. 10, 100, 1000) Sending domain Feel free to use our comment page to add extra analysis comments here: https://isc.sans.edu/contact.html (c) SANS Internet Storm Center.