Russian Anal Probing + Malware

Ronald F. Guilmette rfg at tristatelogic.com
Sun Jun 23 05:51:58 UTC 2019


In message <f2682032aa620f49aa50b30579a9357f at mail.dessus.com>, 
"Keith Medcalf" <kmedcalf at dessus.com> wrote:

>On Friday, 21 June, 2019 18:14, Ronald F. Guilmette <rfg at tristatelogic.com> wrote:
>
>>    https://twitter.com/GreyNoiseIO/status/1129017971135995904
>>    https://twitter.com/JayTHL/status/1128718224965685248
>
>Sorry, don't twitter ...  Too much malicious JavaScript there.

Can you be more, um, specific?

>>80.82.64.21 scanner29.openportstats.com
>>...
>
>Why do you think it is a problem and not just run-of-the-mill background
>radiation on the Internet?  

It's not a problem for me personally... other than the fact that these
goofballs are filling up my log files to no good end.  I just wanted
others to be aware of this (apparently ongoing) garbage.

And I wouldn't want anyone to be fooled by the mere fact that this
openportstats.com domain has a sort-of a web site.  It's still 100%
illegitimate.

>Do you (or your endpoints) not have a firewall to block such things?

I do, and I hope everyone else does also.

>What malware slinging?  I see none of that.

You didn't look at the Twitter reports.

>>    https://bit.ly/2ZBayc4
>
>Malicious link detected.

If you say so. (It's actually just a cute picture.)


Regards,
rfg


