Spam

Spam / News Briefs

Spam-Friendly Registrar 'Dynamic Dolphin' Shuttered by ICANN

Neil Schwartzman writes: Brian Krebs is reporting in KrebsOnSecurity that ICANN last week revoked the charter of Dynamic Dolphin, a registrar that has long been closely associated with spam and cybercrime. "The move came almost five years after this reporter asked the Internet Corporation for Assigned Names and Numbers (ICANN) to investigate whether the man at the helm of this registrar was none other than Scottie Richter, an avowed spammer who has settled multi-million-dollar spam lawsuits with Facebook, Microsoft and MySpace over the past decade..." more»

Arrest Made in Connection to Spamhaus DDoS Case

According to a press release by the Openbaar Ministerie (the Public Prosecution Office), a dutch man with the initials SK has been arrested in Spain for the DDoS attacks on Spamhaus. more»

Massive Spam and Malware Campaign Following Boston Tragedy

On April 16th at 11:00pm GMT, the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy. The spam messages claim to contain news concerning the Boston Marathon bombing, reports Craig Williams from Cisco. The spam messages contain a link to a site that claims to have videos of explosions from the attack. Simultaneously, links to these sites were posted as comments to various blogs. more»

Largest DDoS Attack To Date Aimed at Spamhaus Effects Global Internet Traffic

The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history. A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet. It is having an impact on popular services like Netflix -- and experts worry it could escalate to affect banking and email systems. more»

Google Removes All Sites Under .CO.CC Over Security Concerns

Dennis Fisher in ThreatPost reports: "In a rare and sweeping move, Google has removed all of the sites hosted on .co.cc domains from its search results, saying that because such a large percentage of the sites on that freehosting provider are low-quality or spammy, they decided to de-index all of them. The .co.cc domain is well-known in security and anti-spam circles for being a favorite spot for phishing and spam domains, but there also are legitimate domains hosted there." more»

Happy Canada Day from the CRTC

Neil Schwartzman writes to report: "CAUCE reports that the CRTC published long-awaited regulations (a big step towards Canada's Anti-spam Law (AKA C28) coming into force), late June 30, the day before Canada Day. The regulations are, as anticipated, very terse and do little to water down the strong nature of the law; they move to clarify certain aspects of express vs. implied consent, among other things." more»

Researchers Use Social Graphs to Detect Spammers, Attackers

A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more»

CAUCE Director Neil Schwartzman Wins Prestigious MAAWG Award

CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more»

Research Detects Spammers Using Fake URL-Shortening Services

New research has uncovered evidence of spammers establishing their own fake URL-shortening services for the first time. According to the latest MessageLabs Intelligence report, shortened links created on these fake URL-shortening sites are not included directly in spam messages; instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. "Rather than leading directly to the spammer's final Web site, these links actually point to a shortened URL on the spammer's fake URL-shortening Web site, which in turn redirects to the spammer's final Web site." more»

Garth Bruen Discussing Whois, DNSSEC and Domain Security

NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years. more»

More Targeted Phishing, Spam and Mobile Attacks; IBM Reports 150K Security Events Per Second

IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more»

New Anti-phishing Initiative Introduced by Yahoo!

Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more»

Microsoft, Federal Agencies Take Down Rustock Botnet

Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more»

Google to Let Users Block Sites Based on Domain Names

In pursuit of its efforts to improve Google search results, the company on Thursday announced the release of a new feature that enables users to block specific search results based on domain names. more»

Conflict Over Efforts to Develop a Best-Practices Document for Blacklist Operators

Neil Schwartzman writes to report: "Ken Magill covers the current rake fight on the IRTF's Anti-Spam Research Group mailing list concerning anti-spam DNS Blacklist, or Blocklist, (DNSBL) operators charging for delistings, that is well worth a read, he has quotes from many experts and leaders in the industry who are decidedly against the practice." more»