The primary objective of the SISSDEN project is to offer National CERTs, ISPs and network owners free reports on malicious activity detected on their networks. This is achieved through the establishment of a network of honeypots.
As of the 20th of December 2018, SISSDEN is offering 5 new report ty...
The primary objective of the SISSDEN project is to offer National CERTs, ISPs and network owners free reports on malicious activity detected on their networks. One of the methods data is collected is through darknets, also known as network telescopes. Darknets are unused sets of IP addresses, which...
Lately, we can spot quite a lot of reports, claiming that Google (8.8.8.8) and Cloudflare (1.1.1.1) DNS servers are under DoS attacks. For instance, @GossiTheDog has provided the info that he noticed attack destined for 1.1.1.1 in Qihoo 360 feeds. Then, @yiminggong from 360 Netl...
Some time ago, we have written about Satori botnet fingerprinting. Right there, we have fingerprinted more than half a million infected machines. However, Satori's C2 was quickly sinkholed by the security community.
Not so long ago, 360Netlab informed the world about Sator...
On 4 February 2018, 360Netlab informed the world about ADB.Miner – the Android botnet spreading in a worm style. ADB.Miner activity started on 3 February and it continues. On 6 February, 360Netlab provided another blog post with more details.
Some basic facts about the...
In this post, we are introducing our early observations on a new version of the Satori botnet (Mirai variant). Data used for the analysis was extracted from the NASK darknet.
05.12.2017 03:57 UTC – 360 Netlab noticed a new uptick in the Satori activity. Some facts derived from the 360 Netlab pos...