Outgoing network traffic & Malicious Activity
SANs has a nice write-up about analyzing outgoing network traffic to identify malicious activity. They list a bunch of ip blocklists and IP reputation sources.
(We’ve also has two updates since the last post, busy at our real $Jobs…)