We here a lot about the rise of organized crime and the sophistication of the attackers. While this is true, in many cases I still see amateurish type attacks.
While reviewing an IPS I found the following messages. IPS still provides a great way to detect bot-nets and while there is an obvious problem on this network these IRC connections are being blocked by the IPS.
An interesting article related to this can be found here.
|#usb||Infected usb drive: E:|
Interesting Nicknames to an IRC channel