Lulls and storms?
I can't believe it's been nearly a month since my last blog entry, but it has. Time sure flies when you're having fun.
Part of the reason I've not posted is that we are in a lull. There seems to be a pattern emerging of lulls, followed by burst of frenetic activity.
It's not that the Bad Guys aren't doing anything... they're carefully re-organizing their attack scripts to use SetSlice, and XML, and discarding old un-productive exploits like WMF. We've also found some of the exploit hubs trying to reorganize the DirectAnimation exploit from September... the one that never quite worked right. Maybe they'll get it right soon, but it still doesn't work.
However, as I said, we're in a lull, and after a lull comes a .... storm!
We, at Explabs, have no doubt that the smartest of the Bad Guys are carefully preparing their next exploit. There is little doubt that once they have it, they'll sell it to as many online gangs as they can, with the condition that no one can release it until an agreed date, when all will release their versions simultaneously.
When will that be? Only the Shadow knows, but one of these Exploit Wednesdays, we'll wake up and find that we're in the midst and fury of a new storm of exploits and malicious websites.