Lost+Found: Burglars, IP addresses and botnets
Too short for news, too good to lose; lost+found is a roundup of useful security information. Today: burglars, IP addresses and botnets.
If your followers include burglars, best not to twitter that you're off on holiday: Could Twittering about your vacation put your home at risk?
In certain cases, assigning private IP addresses can lead to browser security problems that allow the same-origin policy to be bypassed: RFC1918 Caching Security Issues.
Botnets are not always homogeneous and can be made up of more than one malware family. On the flip side, members of a single malware family can also be controlled by different bot herders: The Botnet vs. Malware Relationship.
Trend Micro illuminates the modus operandi of two of the biggest botnets in two analysis papers: Infiltrating WALEDAC Botnet's Covert Operations and A study of the Pushdo/Cutwail botnet. WALEDAC was recently involved with Conficker and Cutwail was largely controlled from US web host Pricewert/3FN, which was recently taken off the web.
(crve)