Our first e-mail this morning was from Dave, who informed us about a compromised site ( hxxp://lawfuel. com /show-release.asp?ID=12419 ). Lorna took the lead on investigating the malware on this site, and in the process ended up with two massive lists of other compromised sites.
We haven't checked them all yet (and probably never will...) but I figure its good to push out a list of these sites before its too late on Friday.
For a list of URLs referenced see http://isc.sans.org/diaryimages/hosts20070601.txt
I will be teaching next: Intrusion Detection In-Depth - SIEM Summit & Training 2019
Jun 1st 2007
1 decade ago