There is currently a Sinowal injection attack doing the rounds, redirecting traffic to the following domains on 46.165.192.97:
cbchhuacyus.com
ibccmsuiyus.com
wbccmquwyus.com
There may well be other domains on the same server, blocking traffic to 46.165.192.97 would probably be prudent. The payload is being analysed (I will post an update later), but detection rates are not good.
No comments:
Post a Comment