Cont.This month saw an increase in active malware distribution sites across Central Europe. New October entrant ShadowPad dominated the ThreatFox Top 15s with a +459.82% increase. Meanwhile, YARAify scanned over 8 million distinct files! Read the full report here.
Got a credit card? use our Credit Card & Finance Calculators
Thanks to gpadsa,Steffers0,lansdown,Wasron,jfgw, for Donating to support the site
Spamhaus November malware report
-
- Lemon Quarter
- Posts: 4503
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Spamhaus November malware report
https://info.spamhaus.com/monthly-malwa ... 8164692992
-
- Lemon Quarter
- Posts: 4503
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
-
- Lemon Quarter
- Posts: 4503
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
-
- Lemon Half
- Posts: 5324
- Joined: November 4th, 2016, 12:04 pm
- Has thanked: 3303 times
- Been thanked: 1036 times
Re: Spamhaus November malware report
Spoanhaus has possibly also upped, and continues to up, their thresholds for blocking. No names, no pack drill but I am aware of a NATTED Ip (ie globally visible) that has been used for years with no problems, supporting a mature service with no configuration changes in all that time, which has three times in the past month been blocked by Spamhaus. Each time it is because the mature configuration has been deemed incorrect for a very minor issue - issues that as per the above have been existing (inherited legacy systems etc) and working for years.
Aside from the hassle that such blocking brings, Spamhaus seems intent on enforcing every minor requirement one by one globally. Meanwhile multiple other blacklisting agencies continued to mark that IP as "good".
Aside from the hassle that such blocking brings, Spamhaus seems intent on enforcing every minor requirement one by one globally. Meanwhile multiple other blacklisting agencies continued to mark that IP as "good".
-
- Lemon Quarter
- Posts: 4503
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Spamhaus November malware report
didds wrote:)... that has been used for years with no problems, supporting a mature service with no configuration changes in all that time, which has three times in the past month been blocked by Spamhaus. Each time it is because the mature configuration has been deemed incorrect for a very minor issue - issues that as per the above have been existing (inherited legacy systems etc) and working for years.
Aside from the hassle that such blocking brings, Spamhaus seems intent on enforcing every minor requirement one by one globally. Meanwhile multiple other blacklisting agencies continued to mark that IP as "good".
Malware has been increasing exponentially in its sophistication, there are more and more active zero day threats going live, not less.
What was deemed 'acceptable' even two years ago won't hack it today from a networking standpoint - as I posted in the IONOS thread WRT minimum email authentication thresholds tightening.
The biggest volume DDoS attack ever seen by Cloudflare (the biggest CDN) was generated by a less than 20K machine botnet in 2023. The protagonists managed to get the latency down to some impressively small number which enabled a highly efficient attack.
https://www.youtube.com/@_JohnHammond/videos
https://www.youtube.com/@Huntress/videos
-
- Lemon Half
- Posts: 5324
- Joined: November 4th, 2016, 12:04 pm
- Has thanked: 3303 times
- Been thanked: 1036 times
Re: Spamhaus November malware report
thats all fair and reasonable of course - but it doesn't explain why Spamhaus appears to be the only blacklister that seems bovvered...
-
- Lemon Quarter
- Posts: 4503
- Joined: November 4th, 2016, 2:25 pm
- Has thanked: 649 times
- Been thanked: 1275 times
Re: Spamhaus November malware report
Whenever I've had Spamhaus IP address listings with my domain/email host they've been sorted out pretty quickly as they will effect deliverability.
If Spamhaus lacked credibility then the services that use their lists to shape their IP address filtering would ignore them - as they do with some of the more tin pot sole trader type lists with 'paid removal' services - where being persistently on their lists seems to make zero difference and written correspondence with my host has confirmed they don't bother delisting with them any more as they consider them inconsequential parasites (I'm paraphrasing...).
If Spamhaus lacked credibility then the services that use their lists to shape their IP address filtering would ignore them - as they do with some of the more tin pot sole trader type lists with 'paid removal' services - where being persistently on their lists seems to make zero difference and written correspondence with my host has confirmed they don't bother delisting with them any more as they consider them inconsequential parasites (I'm paraphrasing...).
Return to “Technology - Computers, TV, Phones etc.”
Who is online
Users browsing this forum: No registered users and 13 guests