The esteemed security group CastleCops was under a distributed denial-of-service attack back at the beginning of September. The DDoS apparently consisted of both a TCP SYN flood and an HTTP request flood. They posted some great data to help the community identify suspected zombie computers used to carry out the attack: an http log of suspicious web access from their site, and a list of IPs with whois data of possible bot infected hosts.

(more…)

This week we will be taking the final step to remove the Cults, Religious Opinion and Outdoor Recreation categories from the 8e6 Database.

These categories have been empty since March, when, the URLs in the Religious Opinion and Cults categories were moved into the Religion category and the URLs in the Outdoor Recreation category was moved into the Recreation category.

(more…)

Any IT Manager can tell you that the biggest bang for your budget dollar comes from training. Simply training your users some security 101 — don’t haphazardly double click on email attachments, pay attention to file extensions, don’t click on links in unsolicited emails and IMs, learn to recognize a phish — drastically reduces your attack surface. Even with the evolution of blended threats and with the steady stream of newly exploitable vulnerabilities announced each day, the single biggest threat propagation vector is still attachments on mass emails.

(more…)

Hello all, my name is Rich Sutton, and I’m very excited to announce the start of the 8e6Labs blog.

We created this blog to open up a channel of communication between the technology folks here at 8e6 and 8e6’s current and potential customers, as well as our colleagues in the security industry. Topics will include:

(more…)