IP address

Microsoft Readying Real Time Hosted Threat Intelligence Feed

New York City – Microsoft has proven that it can take down huge, global botnets like Kelihos, Rustock and Waledac. Now the company is ready to start making the data it acquires in those busts available to governments, law enforcement and customers as a real-time threat intelligence feed.

Microsoft has a new way of determining the geolocation of systems infected with malware, and it had subtle but relevant effects on the 11th volume of the Microsoft Security Intelligence Report. It’s a novel concept: instead of relying on an administrator-specified setting that anyone with hands and a mouse can change, the company now relies on IP addresses.

UPDATED: A major issuer of secure socket layer (SSL) certificates acknowledged on Wednesday that it had issued 9 fraudulent SSL certificates to seven Web domains, including those for Google.com, Yahoo.com and Skype.com following a security compromise at an affiliate firm. The attack originated from an IP address in Iran, according to a statement from Comodo Inc.

There has been no respite from the tsunami of scam-emails taking advantage of the natural disaster-nuclear meltdown combo punch that is hitting Japan, according to research from Kaspersky Labs.

The size and volume of spam botnets are down over the last year, and much of this can be attributed to the effectiveness of IP-based blacklists. However, this defense method is no panacea as scammers have found new methods like reputation hijacking to circumvent these roadblocks, and bots continue to extend their reach by piggybacking on existing worms and viruses.
