I just finished reading Richard Clarke and Robert Knake's book Cyberwar. Though the book has flaws, some of them serious, the authors make some important points. They deserve to be taken seriously. I should note that I disagree with some of my friends about whether or not "cyberwar" is a real concept. Earlier, I speculated that perhaps it might be a useful way to conduct disinformation operations, but it need not be so limited. more
When it comes to the problem of outbound spam, one of the experiences that I have, and this was reaffirmed at TechEd, is that the number one source of compromised accounts are educational institutions. That is to say, whenever we have an outbound spam problem and have to hunt down where it is coming from, the highest number of these accounts are phished accounts/credentials from users at an educational institution. Why is this? Why does so much spam originate from universities? more
A recent decision from a federal district court addresses an issue I hadn't seen before: whether searching malware on the suspect's computer was outside the scope of the search warrant issued for that computer. It seems a narrow issue, and unfortunately the opinion issued in the case doesn't tell us a whole lot about what happened; but I thought the issue was worth writing about, if only to note that it arose. more
Since November of last year we have been discussing the problem of illicit and illegal online pharmacy support by ICANN-accredited Registrars. In several articles and direct contact with the Registrars we have tirelessly tried to convey the seriousness of this problem, many listened, some did not... With the background information already known, the case presented here is much more specific and concerns EvaPharmacy, which was until recently, the world's largest online criminal pharmacy network. more
The first step (but certainly not the last) towards saving the internet from spam, malware, and other abuse is to keep your own network clean. A friend of CAUCE, who wishes to remain anonymous, offers these tips and resources to help you identify problem traffic emanating from your network, and clean it up. Though primarily written for ISPs, many of the items below should apply equally well to any network owner. more
Gary Warner over at Cyber Crime and Doing Time has a good post up this week about the CallService.biz website being shut down. I have posted a few good excerpts and added my comments to the end. ... Warner's take on the world of spam, malware, hacking and phishing is that unless people actually go to jail because they are spamming, the problem of spamming will never get better. That's because when the security industry fixes the latest hole or comes up with a new technology to stop the newest threat, spammers simply move onto another. more
Some email discussion lists were all atwitter yesterday, as Sourcefire's open-source anti-virus engine ClamAV version 0.94.x reached its end-of-life. Rather than simply phase this geriatric version out the development team put to halt instances of V0.94 in production yesterday, April 15, 2010. In other words, the ClamAV developers caused version .94 to stop working entirely, and, depending upon the implementation, that meant email to systems using ClamAV also stopped flowing. more
The 2010 version of the now-annual Messaging Anti-abuse Working Group (MAAWG) 'Email Security Awareness and Usage Report' was released yesterday. While un-belied by the title, the vernacular name might get a bit more attention: "The MAAWG Consumer Email Survey". ... Consumers were surveyed in North America and across Europe with variety of questions from computer expertise and savvy, to their preferences of email. more
In January we presented the glorious history of the MIT spam conference, today we present the schedule for the first day. Opening session will be from this author, Garth Buren with a topic entitled The Internet Doomsday Book, with details be released the same day as the presentation. Followed by Dr. Robert Bruen with a review of activities since the last MIT spam conference... more
Following in the footsteps of Lethic, Waledac and Mariposa, yet another botnet has been taken offline. Not completely, though, it was only a partial disconnect. The Zeus botnet, also known as Zbot, is a trojan password stealer that captures passwords and sends them to the attacker. more
A World-Renowned Source for Internet Developments. Serving Since 2002.