Botnet Threat Update January to June 2024

Overall Botnet C&C activity decreased by -6%. Misuse of Cobalt Strike also declined by -41%. Meanwhile, Android backdoors increased, with new entries from Hook and Coper. One of the most positive developments was that three well-known global network operators have taken action to address active botnet C&Cs. Read the full ...

How Amazon SES works with Spamhaus to protect its network and reputation

When delivering emails is your core business, maintaining a reputable network for a reliable service without problems is EVERYTHING. This is a commitment that email service provider Amazon Simple Email Service (SES) takes very seriously. With a proactive approach to managing millions of IPs and domains, SES is committed to ...

The Policy Blocklist: what is it, and why should you be on it?

It’s not always "bad" to be listed on one of Spamhaus' DNS Blocklists. Despite what you may think, there is one list you may want to be on: the Policy Blocklist (PBL). Want to know more? Let's dive into the PBL, what it is, how it works, and how it ...

Operation Endgame | Botnets disrupted after international action

On Thursday, May 30th, 2024, a coalition of international law enforcement agencies announced "Operation Endgame". This effort targeted multiple botnets, such as IcedID, Smokeloader, SystemBC, Pikabot, and Bumblebee, as well as their operators, and Spamhaus is assisting with the remediation efforts ...

ESPs: Why IP and Domain Reputation Matter and How to Manage Them

Maintaining a positive IP and domain reputation is essential for email service providers (ESPs) aiming to offer a successful email sending service. In this blog, we will explore the key principles and best practices that ESPs should follow to effectively manage and enhance their IP and domain reputation, ultimately driving ...

Manage IP & domain reputation wisely – they’re valuable assets!

Trust. That’s a word with huge connotations. The Oxford Languages defines it as: believe in the reliability, truth, or ability of. But how can you believe in the reliability, truth or ability of an IP address or domain? In our world it boils down to reputation ...

Expired and exploited: Reviving a 30-year-old legacy domain for hijacking

Due to the current shortage of IPv4 addresses, any legacy IP block, regardless of its size, including Autonomous System (AS) networks, is at risk of being hijacked and misused for identity theft or other malicious activities. Here are the findings of Spamhaus' investigation into Fiberlinkcc.com, a legacy domain used to ...

Spammers Love Mobile Phone IP Space. Here’s How to Fix That.

Mobile phone companies are leaving the door wide open for spammers. They’re hurting their own customers (and the rest of the Internet) - but there’s still time to fix this ...

If you query the legacy DNSBLs via Vultr, move to Spamhaus Technology’s free Data Query Service

If you are currently accessing the free legacy DNS Blocklists (DNSBLs) via the Public Mirrors, and you’re using Vultr infrastructure, you'll need to make some minor changes to your email infrastructure. The changes are easy to implement, but if you fail to do so, you could find that at ...

Sex education in the classroom? Google can help, but there is a compromise!

It’s not uncommon for popular services to eventually fall victim to abuse. In this case, we explore how spammers are using Google Classroom to lure their victims (at elementary school!) to dating websites and generate revenue via affiliate programs associated with such sites ...