Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Spam on P2P networks used to be mainly with advertising inside downloaded movies and pictures (mainly pornographic in nature), as well as by hiding viruses and other malware in downloaded warez and most any other file type (from zip archives to movie files). Further, P2P networks were in the past used for harvesting by spammers. Today, P2P has become a direct to customer spamvertizing medium. This has been an ongoing change for a while. As we speak, it is moving from a proof of concept trial to a full spread of spam, day in, day out... more
After Two Security Assessments I Must Be Secure, Right? Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved, and confident in your security measures. Shortly thereafter, your relief turned to concern. ...Given you're skepticism, you decide to get one more opinion. ...And the results were less than pleasing. more
A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more
The 47 year old Las Vegas man known as the "Spam King" has been sentenced to 2.5 years in federal prison for sending over half-million spam messages to Facebook users resulting in over 27 million spam messages sent through social networking company's servers. He pleaded guilty last year to one count of fraud. more
I opined about a year ago that DNS blacklists wouldn't work for mail that runs over IPv6 rather than IPv4. The reason is that IPv6 has such a huge range of addresses that spammers can easily send every message from a unique IP address, which means that recipient systems will fire off a unique set of DNSBL queries for every message... Now I'm much less sure this will be a problem... more
It's been a very bad month for ESPs, companies that handle bulk mailings for their clients. Several of them have had internal security breaches, leaking client information, client mailing lists, or both. Many have also seen clients compromised, with the compromised credentials used to send spam. The sequence of events suggests all the ESPs whose clients were compromised were themselves compromised first. (That's how the crooks knew who to attack.) more
WHOIS issues are looming large for the ICANN meeting next week, starting with an all-day WHOIS Policy Review on Sunday (background). WHOIS is a subject that has been the recent topic of a number of issues including a debacle over potentially disclosing the identities of compliance reporters to spammers and criminal domainers. more
This past week we have been seeing some heavy CNN spam -- that is, spam in the form of breaking news stories from CNN.com... These all look like legitimate news stories, and indeed, they probably are taken straight from an actual CNN news bulletin (I don't subscribe so I wouldn't know). Indeed, the unsubscribe information and Terms of Use actually link to actual CNN unsubscribe pages. However, if you mouse-over all of the news links, they go to a spam web page wherein the payload is either a spam advertisement or you click on another link to download a file and flip your computer into a botnet. more
DNS blacklists for IPv4 addresses are now nearly 15 years old, and DNSBL operators have gathered a great deal of expertise running them. Over the next decade or two mail will probably move to IPv6. How will running IPv6 DNSBLs differ from IPv4? There aren't any significant IPv6 DNSBLs yet since there isn't significant unwanted IPv6 mail traffic yet (or significant wanted traffic, for that matter), but we can make some extrapolations from the IPv4 experience. more
We touched on this subject in the past, but recently Rich Kulawiek wrote a very interesting email to NANOG to which I replied, and decided to share my answer here as well: I stopped really counting bots a while back. I insisted, along with many friends, that counting botnets was what matters. When we reached thousands we gave that up. We often quoted anti-nuclear weapons proliferation sentiments from the Cold War, such as: "why be able to destroy the world a thousand times over if once is more than enough?" we often also changed it to say "3 times" as redundancy could be important... more
The IETF DKIM working group has been making considerable progress, and now has a close-to-final draft. DKIM will let domains sign their mail so if you get a message from [email protected], the furble.net mail system can sign it so you can be sure it really truly is from furble.net. But unless you already happen to be familiar with furble.net, this doesn't give you any help deciding whether you want the message. This is where the new Domain Assurance Council (DAC) comes in... more
This is, of course, about the recent NYT article that showcases the results of Prof Stefan Savage and his colleagues from UCSD/Berkeley. As my good friend and longtime volunteer at CAUCE, Ed Falk, points out, this is a great find, but hardly a FUSSP. The nice thing about the fight against bots and spammers is these little victories people on "our" side keep having in an endless series of skirmishes and battles... more
Black Frog -- a new effort to continue the SO-CALLED Blue Security fight against spammers. A botnet, a crime, a stupid idea that I wish would have worked -- News items on Black Frog. Blue Frog by Blue Security was a good effort. Why? Because they wanted to "get spammers back". They withstood tremendous DDoS attacks and abuse reports, getting kicked from ISP after ISP. ...The road to hell is filled with good intentions. Theirs was golden, but they got to hell, quite literally, non-the-less. ...When Blue Security went down, some of us made a bet as to when two bored guys sitting and planning their millions in some café would show up, with Blue Security's business plan minus the DDoS factor. Well -- they just did. more
This very interesting document was released by ICANN's Generic Names Supporting Organization (GNSO) for public comment yesterday. And it asks some fundamental questions while at the same time pointing to sources such as the Honeynet Alliance's reports on fast flux. more
The California Supreme Court issued its opinion in Kleffman v. Vonage, a case certified from the Ninth Circuit. The California Supreme Court held that the transmission of "commercial e-mail advertisements from multiple domain names for the purpose of bypassing spam filters" does not violate California's spam statute. more
A World-Renowned Source for Internet Developments. Serving Since 2002.