John Kristoff

UIC PhD candidate | https://Dataplane.org | Netscout. Internet infrastructure (#BGP, #DNS) and #infosec. Bit mechanic. Also: #Blues / tfr / #fedi22
Homepage: https://dataplane.org/jtk

Bar plots like these may raise more questions than answers.

Without any y-axis label what are we to make of this? We don't really have a sense of scale.

Are two months on the x-axis long enough to show correlation or just coincidence?

They show graphs only for select neighbor countries, all with a spike on or around 3/1. What about non-neighbor countries? Could this have been a global phenomenon?

Don't want to pick on the source (in the image alt text), because we see this sort of thing often. Gentle reminder to blog authors that your deep dives may need to go a little deeper if you want us to cite them.

Am I the only one still using these things?

#ThrowbackThursday

Yeeha! This would be one heck of a route leak:

... but presumably just some local CIDR Report breakage. :-) Reaching out to Geoff.

#ThrowbackThursday

An old screen cap from ~2006-2007. If I recall, Snatch-2 was a toolkit that included a #DDoS component kind of like BlackEnergy maybe? popular in Russian underground forums at the time

Some remnants of the home page URL are available in the Wayback Machine.

When you're trying to get #Google to help them fix a problem they have in relaying an email to a list (they are forwarding as if they are originating your non-GMail email, thus incurring an SPF failure) their helpful support team to the rescue (see image attached).

FYI... the second thing they want is a screen cap of the client SMTP config.

Very tempted to send a screenshot with some pretty obnoxious NSFW images and profanity-laden text in the test email.

No Mandrake? wtf

This might win the most unusual #BGP image in a paper award.

On 2025-11-05 CAMTEL (#AS15964) began announcing 4.0.0.0/8 and 8.0.0.0/8. Others announce more specific prefixes within them, but as the plot shows CAMTEL is now receiving an elevated amount of traffic to the corresponding, unannounced address space in these large prefixes.

Joint insight with @resingm at our $dayjob.

I used Markdown encoding, which won't work for everyone. So here is an image of the output if that helps anyone.

+1 geek points if you spot the problem with this form