about 3 weeks ago - 1 comment
In a previous blog I discussed how one of the more enjoyable parts of my day-to-day malware rituals also involves the tracking and killing of command and control bot networks. Recently I have begun automating this process a bit; I have created a series of scripts that extract IRC servers, port numbers and channels from More >
about 3 weeks ago - No comments
When I first introduced you all to the Aggregate Threat Feed back in May, it was a much smaller feed with very simple ambitions — pulling together threat data at work from our network edge and host based firewalls and aggregating the data into a usable feed. The actual intention being that as an attacker More >
about 1 month ago - 2 comments
Since I will be busy this coming week with other priorities, I am posting an early month in review blog on signature updates. In the last 3 weeks we have not seen a whole lot of action on in-the-wild malware; most of what is propagating at the moment are variants of already detected content. That More >
about 2 months ago - No comments
Today I found the time and energy, despite how tedious it was, to go over the last two weeks' worth of malware submissions and missed edge IPS data from when I was away. This resulted in a total of 126 new signatures (67 MD5 / 59 HEX) which brings LMD to a total of 2,471 More >
about 2 months ago - 1 comment
I am back, fresh off a trip home to Montreal, which I must say was an absolutely amazing time. It has left me reflecting on a lot of things, most importantly that there really is no place like home — I miss Montreal more than I can even describe. That said though, time to get back More >
about 3 months ago - No comments
Yup, nothing to see here except numbers… 2,018: Downloads of the newest project, Linux Malware Detect, month to date. 2,294: Signatures for Linux Malware Detect. 6,207: Downloads for all projects for the month to date. 14,176: Google results with link backs to rfxn.com or related domains (i.e: r-fx.org, rfxn.org etc..). 30,061: Active APF installations relative More >
about 3 months ago - No comments
In LMD 1.3.3 there were a lot of changes, 29 to be exact, that made LMD much more robust and, especially the monitoring component, much more usable. If that release was about making good things better, then this release is about bringing loose ends together. I spent a couple of days running LMD through its paces More >
about 3 months ago - No comments
In my last post, I reflected on the last 7-8 years of projects here at rfxn.com; in doing so I also dug up some statistics on project downloads. I did this not only for my own curiosity but also to prioritize the mile-long to-do list I have for the projects, based on downloads. One More >
about 3 months ago - 2 comments
Today I woke up and was in a weird mood. I started to take stock of some things while at the same time cleaning out the rfxn.com projects and downloads repo (that's a whole other story in itself). In doing so, I realized just how long I have been doing this, it sometimes gets past More >
about 3 months ago - 1 comment
This morning I put out LMD v1.3.3; this is on the back of two other successive releases in recent days that improved LMD in many areas, along with correcting some bugs that were graciously reported by those helping to break in the project. I have also listened to feedback and revised a number of features More >
about 4 months ago
love it all !!! amazing work !!! .. keep it comen !!! all very helpful !!! so much can be used from the information you provide !!!