[Sysadmins] increase in zero day attacks.

Mark McDonagh payload at gmail.com
Wed Oct 14 22:43:31 IST 2009


http://www.malwaredomains.com/ is also a pretty good and reliable source
of sites associated with malware. 

On Wed, 2009-10-14 at 09:23 +0100, Harry Duncan wrote:
> Hi Guys,
> 
> My last week and a half seems to be spent dealing with zero day virus
> attacks on windows clients. 95% of these are "XP Antivirus 2009"
> spyware attacks which seem to have new builds deployed online on a
> very quick rotation to keep it well ahead of the AV companies update
> release schedule.
> 
> The installs seem to be from posioned google searches, if you take a
> search for something topical like "Stephen Gately Funeral", up pops
> sites looking like they've got what you want, which once you get in,
> give you confusing popups which lead me to believe that education
> alone isn't going to keep these new threats out, once you get into the
> site its pretty hard not to get stung.
> 
> I'd like to stop dealing with compromised machines and proactively
> block this. Wondering if any of you are using or know of site blocker
> lists for squid which might be useful in keeping users away from these
> sites?
> 
> Harry.
> 
> _______________________________________________
> Sysadmins mailing list
> Sysadmins at lists.stdlib.net
> http://lists.stdlib.net/mailman/listinfo/sysadmins




More information about the Sysadmins mailing list