Thursday, October 18, 2007

More: Russian Business Network

Dancho Danchev:

In case you haven't come across it before, here's an informative blog whose objective is to track events related to the Russian Business Network (RBN) and expose its nodes in between.

What is the RBN at the bottom line? A diversified set of IP blocks located at different parts of world, who periodically appear within the deobfuscated javascipts of the sites who got IFRAME-ed and were found to serve malware by exploiting outdated browser vulnerabilities. What's more interesting to me than the "yet another popular site which got IFRAME-ed by the RBN's network" is the success of the popular malware exploitating kits using outdated and already patched vulnerabilities.

What use are patches when no one is applying them, and aren't unpatched vulnerabilities just as effective as zero day ones? Yes, they are.

More here.

0 Comments:

Post a Comment

<< Home