{"id":56337,"date":"2024-06-17T01:59:12","date_gmt":"2024-06-17T01:59:12","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/"},"modified":"2024-06-17T01:59:12","modified_gmt":"2024-06-17T01:59:12","slug":"that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/","title":{"rendered":"That didn&#8217;t take long: replacement for SORBS spam blacklist arises &#8230; sort of"},"content":{"rendered":"<p><span class=\"label\">In Brief<\/span> A popular spam blocklist service that went offline earlier this month has advised users it is down permanently \u2013 but at least one potential candidate is stepping up to try to fill the threat intelligence void.<\/p>\n<p>Data security firm Data443, citing <a href=\"https:\/\/www.theregister.com\/2024\/06\/07\/sorbs_closed\/\">exclusive reporting<\/a> by our Simon Sharwood, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/finance.yahoo.com\/news\/data443-releases-updated-open-source-201500498.html\">said<\/a> last week it plans to begin offering free access to its own spam domain and IP blocklist service for members of the Spam and Open Relay Blocking System (SORBS) community.<\/p>\n<p>SORBS was, until June 5, a free DNS-based block list containing records for more than 12 million servers used for spamming, phishing and scamming. More than 200,000 organizations made use of SORBS until security vendor Proofpoint took it offline, citing &#8220;various factors impacting the service&#8217;s sustainability.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Lest you think Data443 has acquired the SORBS codebase, that doesn&#8217;t appear to be the case.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Instead of a continuation of SORBS itself, Data443 is offering &#8220;a slight time-lagged edition of our commercial offerings&#8221; in a limited fashion &#8220;specifically on domain\/IP blocklists,&#8221; according to the signup <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/data443.com\/sorbs-new-customers-survey\/\">page<\/a> for its &#8220;SORBS onboarding&#8221; process.<\/p>\n<p>Data443 founder and president Jason Remillard confirmed to <em>The Register<\/em> that the data is coming from his company&#8217;s Cyren platform, which includes an email protection element alongside other threat analysis and cyber security elements.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;We don&#8217;t need the [SORBS] codebase to deliver results \u2013 our platform has the capabilities to produce the data,&#8221; Remillard declared. &#8220;One good thing about SORBS is there is a public record (generally) of why\/how they made decisions.&#8221;<\/p>\n<p>In other words, this isn&#8217;t actually SORBS. Whether Data443 is pursuing acquisition of the SORBS codebase is unknown \u2013 we asked, but it declined to comment on the record. <em>The Register<\/em> understands SORBS has not been sold.<\/p>\n<p>Of course, the fact Data443 is giving SORBS users a free peek at a premium service means it&#8217;s sure to start offering deals on its additional offerings \u2013 just look at all the information you have to provide in that signup page.<\/p>\n<div class=\"boxout\" readability=\"10.20665742025\">\n<h3 class=\"crosshead\">Critical vulnerabilities: Apparently it was OT Patch Tuesday, too<\/h3>\n<p>This portion of the roundup is usually short in the week after Patch Tuesday, but not this time. It looks like the OT and ICS worlds have decided to throw their own vulnerability festivals this week. Consumers weren\u2019t spared, either.<\/p>\n<ul>\n<li>CVSS 10.0 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-163-04\">CVE-2024-1839<\/a>: Intrado&#8217;s 911 Emergency Gateway appliances are vulnerable to SQL injection that can be used to execute code, exfiltrate data and manipulate databases.<\/li>\n<li>CVSS 9.8 \u2013 <a target=\"_blank\" href=\"https:\/\/www.twcert.org.tw\/en\/cp-139-7860-760b1-2.html\" rel=\"nofollow noopener\">Multiple CVEs<\/a>: Taiwan&#8217;s CERT has advised that seven ASUS Wi-Fi routers have and authentication bypass vulnerability that could allow unauthenticated remote attackers to log in the device. ASUS has <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.asus.com\/content\/asus-product-security-advisory\/\">issued fresh firmware<\/a> to fix the flaw.<\/li>\n<li>CVSS 9.8 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-108-02\">Multiple CVEs<\/a>: Schneider Electric&#8217;s Easy UPS Online Monitoring software for various Windows versions is vulnerable to OS command injection and authentication bypass.<\/li>\n<li>CVSS 9.8 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-10\">Multiple CVEs<\/a>: A number of Siemens SIMATIC and SIPLUS devices are vulnerable to a chain of attacks that allow attackers to leak memory, execute code and deny service.<\/li>\n<li>CVSS 9.8 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-074-14\">Multiple CVEs<\/a>: Mitsubishi Electric MELSEC-Q\/L series controllers \u2013 lots of them \u2013 contain vulnerabilities that could allow an attacker to execute malicious code or read arbitrary info with a specially crafted packet.<\/li>\n<li>CVSS 9.1 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-12\">Multiple CVEs<\/a>: Siemens SCALANCE W700 devices are vulnerable to a number of issues that can allow an attacker to execute system-level commands.<\/li>\n<li>CVSS 8.8 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-02\">CVE-2024-35292<\/a>: A whole bunch of Siemens SIMATIC S7-200 PLCs are using insufficiently random IP ID sequences, making them vulnerable to a certain kind of DoS attack.<\/li>\n<li>CVSS 8.7 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-13\">Multiple CVEs<\/a>: Siemens SINEC Traffic Analyzer prior to v1.2 contain issues that can allow an attacker to cause DoS, cause information disclosure and modify files.<\/li>\n<li>CVSS 8.7 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-medical-advisories\/icsma-24-163-01\">Multiple CVEs<\/a>: MicroDicom&#8217;s DICOM Viewer for medical imaging is vulnerable to stack-based buffer overflow and is improperly authenticating users, allowing images to be deleted or replaced.<\/li>\n<li>CVSS 8.7 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-19\">Multiple CVEs<\/a>: Motorola Solutions Vigilant Fixed LPR Coms Box license plate readers are subject to a number of vulnerabilities that could allow an attacker to access sensitive information and credentials and perform a replay attack.<\/li>\n<li>CVSS 8.5 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-07\">CVE-2024-36266<\/a>: Siemens PowerSys versions prior to 3.11 are insufficiently protecting responses to authentication requests, opening the door for an attacker to gain admin privileges.<\/li>\n<li>CVSS 8.5 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-14\">Multiple CVEs<\/a>: Fuji Electric Tellus Lite V-Simulator versions before 4.0.20.0 are vulnerable to OOB write and stack-based buffer overflow, allowing local code execution.<\/li>\n<li>CVSS 8.5 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-17\">CVE-2024-37369<\/a>: Rockwell Automation FactoryTalk View SE version 12.0 contains a privilege escalation vulnerability.<\/li>\n<li>CVSS 8.4 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-163-02\">CVE-2024-3468<\/a>: AVEVA PI Web API contains a deserialization of untrusted vulnerability that could allow an attacker to perform RCE.<\/li>\n<li>CVSS 8.3 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-163-01\">CVE-2024-5659<\/a>: Several Rockwell Automation ControlLogix, GuardLogix and CompactLogix controllers can be forced into a nonrecoverable fault state when receiving abnormal mDNS packets.<\/li>\n<li>CVSS 8.2 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-04\">Multiple CVEs<\/a>: Siemens ST7 ScadaConnect versions prior to 1.1 are vulnerable to a number of issues that could cause info disclosure or DoS and allow RCE.<\/li>\n<li>CVSS 8.2 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-16\">CVE-2024-37367<\/a>: Rockwell Automation FactoryTalk View SE version 12.0 is improperly authenticating remote users, allowing them to view HMI projects without authorization.<\/li>\n<li>CVSS 8.2 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-165-18\">CVE-2024-37368<\/a>: Rockwell Automation FactoryTalk View SE version 11.0 contains the same issue as CVE-2024-37367.<\/li>\n<\/ul>\n<\/div>\n<h3 class=\"crosshead\">Georgia woman charged with extensive cyber stalking crimes<\/h3>\n<p>A woman from the US state of Georgia has been <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.justice.gov\/usao-mdtn\/pr\/athens-georgia-woman-indicted-cyberstalking-and-threat-offenses\">charged<\/a> with two counts of cyber stalking and another count of interstate transmission of threats after engaging in an online adoption scam targeting a Tennessee couple.<\/p>\n<p>The Department of Justice&#8217;s announcement states that Gabryele Watson faces up to 15 years if convicted of all three charges. She allegedly harassed the couple online with intent to cause distress, and also texted them threats of abduction and murder by hitmen.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>This doesn&#8217;t appear to have been Watson&#8217;s first brush with the law: <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.fbi.gov\/how-we-can-help-you\/victim-services\/seeking-victim-information\/seeking-victim-or-witness-information-in-adoption-scam-investigation\">According<\/a> to the FBI, Watson&#8217;s allegedly done similar things since around 2015. The Bureau is asking other victims to come forward to substantiate the claims of the case.<\/p>\n<h3 class=\"crosshead\">Alleged Tesla charging secret thief pleads guilty<\/h3>\n<p>You may recall that in March 2024 a Canadian battery exec was arrested for allegedly selling secrets of Tesla&#8217;s battery charging technology to a pair of undercover federal agents. Well, now we have his admission that the charges were true.<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/03\/20\/tesla_complaint\/\" rel=\"noopener\">Klaus Pflugbeil<\/a>, who holds Canadian citizenship but lives in China, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.justice.gov\/opa\/pr\/resident-china-pleads-guilty-conspiracy-send-leading-electric-vehicle-companys-trade-secrets\">admitted<\/a> last week to absconding with trade secrets from his employer, battery parts manufacturer Hibar Systems, after Tesla purchased the company in 2019. Pflugbeil then teamed up with another former Hibar colleague to obfuscate the source of their stolen technology before starting a business in China offering similar components.<\/p>\n<p>The tech in question \u2013 called continuous motion assembly \u2013 is a proprietary battery production technology developed by Hibar and now in use at Tesla. According to the original complaint, Tesla spent around $13m researching the technology before buying Hibar.<\/p>\n<p>Having pled guilty, Pflugbeil is facing up to a decade in prison when he&#8217;s sentenced in October. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/06\/17\/infosec_news_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ALSO: online adoption cyberstalker nabbed; Tesla trade secrets thief pleads guilty; and a critical ASUS Wi-Fi vuln In Brief\u00a0 A popular spam blocklist service that went offline earlier this month has advised users it is down permanently \u2013 but at least one potential candidate is stepping up to try to fill the threat intelligence void.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-56337","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>That didn&#039;t take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"That didn&#039;t take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-17T01:59:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"That didn&#8217;t take long: replacement for SORBS spam blacklist arises &#8230; sort of\",\"datePublished\":\"2024-06-17T01:59:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/\"},\"wordCount\":1146,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/\",\"name\":\"That didn't take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-06-17T01:59:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"That didn&#8217;t take long: replacement for SORBS spam blacklist arises &#8230; sort of\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"That didn't take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/","og_locale":"en_US","og_type":"article","og_title":"That didn't take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-06-17T01:59:12+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"That didn&#8217;t take long: replacement for SORBS spam blacklist arises &#8230; sort of","datePublished":"2024-06-17T01:59:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/"},"wordCount":1146,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/","url":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/","name":"That didn't take long: replacement for SORBS spam blacklist arises ... sort of 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-06-17T01:59:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zm@zBacAeN107pInuRT5mQAAAMA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/that-didnt-take-long-replacement-for-sorbs-spam-blacklist-arises-sort-of\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"That didn&#8217;t take long: replacement for SORBS spam blacklist arises &#8230; sort of"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56337","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56337"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56337\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56337"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56337"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56337"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}