< Automated Malware Classification | Silence at the blog >

Two New Compromises

Our honeypots at RWTH Aachen university remain rather active. We had again two compromises and in both incidents we observed phishing groups. The attacker compromised the machines with the help of exploits against web applications. It seems that web applications are currently one of the easiest ways to 0wn a network...

The analysis of both incidents is not ready yet, but I will post an update once I have more details. In addition, our CWSandbox is currently in beta test, so expect a public webinterface in the near future :)
This entry was posted by Thorsten Holz on Friday, May 12. 2006 at 21:02. and is filed under honeynets. You can leave a response, or trackback from your own blog.

Trackbacks

Trackback specific URI for this entry

    No Trackbacks

Comments

Display comments as (Linear | Threaded)

    No comments


Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA