[Emerging-Sigs] Blackhole served via Yahoo
jesler at sourcefire.com
Mon Dec 17 09:55:35 HAST 2012
I'm fairly positive they have been contacted judging by the sources of the blacklist information that we have.
On Dec 17, 2012, at 2:52 PM, Martin Holste <mcholste at gmail.com> wrote:
> Ok, so pretty recent then. Anyone have a decent contact at Yahoo? We have a lot of local businesses hosted on these IP's, so I don't want to block unless there's no option for remediation.
> On Mon, Dec 17, 2012 at 1:50 PM, Joel Esler <jesler at sourcefire.com> wrote:
> On Dec 17, 2012, at 2:20 PM, Martin Holste <mcholste at gmail.com> wrote:
>> That's definitely what's being dropped, but we haven't blocked due to so many legit pages on that IP. Any idea how long they've been on your blacklist for?
> Since the 13th of December.
> Joel Esler
> Senior Research Engineer, VRT
> OpenSource Community Manager
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Emerging-sigs