A few days ago was another workshop ran by the USENIX folks, this time on botnets, spyware, and spam called LEET. All presentations are now online for you to enjoy.

The most talked about topic from all the presentations was the Storm botnet. None of the researchers could agree on the number of machines Storm has under its control, but they all seemed to agree that it was larger than 200,000 machines. Slashdot also picked up on the story.

A neat phishing resource that I wasn’t aware of is PhishTank. Ran by the OpenDNS crew, they list domains that are used for fraudulent purposes.

Lastly, there was an awesome presentation on malicious hardware. The researcher was able to modify an FPGA board and add additional logic gates to act as a permanent backdoor to the system. They also wonder if it is possible to inject an attack like this into a commercial supply chain. A few examples that came to mind was the counterfeited Cisco hardware, and infected Apple iPods. Scary stuff huh?