Category: Everything Else
Microsoft SMTP Security Flaw Affects the Masses
In the flurry of more than twenty security updates which Microsoft released last week, it was easy to overlook one particularly insidious hole: a flaw in SMTP affecting Windows XP, Windows Server, and Exchange Server. There are probably a few computers out there running one or the other of these…
Handful of Zombie Networks Responsible for All Phishing Attacks
Messaging security company CipherTrust has released the results of a study which they say indicates that fewer than five zombie networks are responsible for all phishing attacks worldwide. The report also indicates that the vast majority of phishing comes from the United States, with Korea a clear second, and with…
950,000 .info Domains Grabbed and Held by Registrar
Internet domain registrar eNom is in hot water for reportedly attempting to grab as many as 950,000 (that’s “nine hundred fifty thousand“) .info domain names for domains which already exist as .com domains. According to a report by Netcraft, eNom registered the domains through Sipence, which, interestingly enough, shares a…
Vote for Whomever You Want – But Don’t Take This Poll!
If you get email which encourages you to make a telephone call to express your support for John Kerry or George Bush, don’t do it without thinking twice and reading thrice! Spam which suggests that you make just such a call is making the rounds, but the 900 number provided…
Gaping Security Hole a Pain in the ASP
A gaping hole has just been discovered in Microsoft’s ASP.NET product, which allows access to password protected areas of a website just be altering the URL for access. According to an article published by Netcraft today, the issue involves “a bug in ASP.NET’s handling of URLs, known as “canonicalization.” If…
Make Your C*ck a Hammer (Spamusement Cartoon)
Make Your C*ck a Hammer Spamusement is, according to the Spamusement website, “Poorly-drawn cartoons inspired by actual spam subject lines!” Reprinted with permission of Steven Frank.
FCC to Publish List of Wireless Domains to Which You May Not Send Commercial Email
Here’s a great idea! Let’s make a law which says that you can’t send commercial email to domains which have wireless messaging devices on the other end. So you can’t send commercial email to the email address of a celphone or pager or the likes. So far so good –…
Spam’s Unsubscribe Link Downloads Nasty Things to PC
Now, this just isn’t nice. Still, you have to give the spammers points for cleverness. MessageGate has determined that spam featuring the domain xcelent.biz has gone beyond the usual rudeness of using a click on an unsubscribe link to confirm a warm body on the other side of the email…
Ant Spam Firm Usese Superiod Human Intelligence
We thought that, with all of the dire news around us today, we would share a chuckle with you. You see, according to an article in Security Pipeline, Solinus, the makers of MailFoundry, are making an offer that users of Spam Assassin-based products can turn in their product and receive…
Breaking News: California Has A New Anti-Spam Law
On Friday, with little fanfare, and even less press coverage, California Governor Arnold Schwarzenegger signed Senator Kevin Murray’s SB 1457 into law. A shadow of its former self, SB 1457 still provides spam recipients with something which they haven’t had for some time: a private right of action. SB 1457…
DMA to FTC: Here’s how to define “commercial email” – Everything, Except Anything Our People Send
The Federal Trade Commission is accepting (indeed soliciting) comments from the public regarding certain aspects of CAN-SPAM, including the much discussed “primary purpose” definition. The gist of this aspect of the law is that if the primary purpose of an email is commercial, then it is governed by CAN-SPAM. If…
Own an Anti-Spam Software Company? Commtouch May Own Your *ss.
Commtouch, makers of enterprise and ISP level anti-spam solutions, announced this week that it has acquired a patent which describes “a system that monitors live e-mail, identifies certain characteristics of the e-mail message that appear in more than one e-mail, and blocks other e-mails with the same pattern”. Holy Infringement,…
FTC to Congress Lawrence Lessig Was Right
A lot of people scoffed at Stanford Law School professor Lawrence Lessig when he announced that he would wager his job against the efficacy of a bounty system to track down spammers, offering that if it didn’t work, he’s resign his position at Stanford. However, in a new report by…
For Sale: Your Email Address. Serious offers only. Inquire at Advocacy, Inc.
Political spam has long been considered to be completely immune from any anti-spam law. This is due to the long-cherished constitutional prohibition against the regulation of political speech. If you are a registered voter and haven’t yet received political spam, fear not, you will soon enough. Even sooner, if Advocacy,…
Who are the Earliest Adopters of SPF? Survey says: Spammers!
A survey of nearly 2million pieces of email by security company CipherTrust revealed some interesting facts: 1. Only 5% of the email came from servers which had enabled either SPF or Sender I.D. authentication. 2. Of the email coming from servers with SPF or Sender I.D. enabled, more than half…