This one is of interest to me as I do actually use Twitter as a microblogging service and to keep up with what various friends are up to.
It’s quite an interesting wep app especially paired with something like Twitterfox in your browser and Twibble in your mobile phone.
It must have made it big now though [...]

We all know what botnets are (think so), but anyway let’s see a proper definition of botnets taken from shadowserver… and I quote:

A botnet is a collection of computers, connected to the internet, that interact to accomplish some distributed task. Although such a collection of computers can be used for useful and constructive applications, the [...]

It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint.
It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging [...]

I stopped using ISP based e-mail accounts years ago, they always had lousy spam control and after joining a few mailing lists they used to get flooded with junk.
I always found web based mail systems to have much more effective spam filtering systems, plus I don’t have to waste my time and bandwidth downloading spam [...]

It seems like the Phishing crews at trying to get some new ideas on how to con people into giving away their credentials and leaking info.
The latest target appears to be Google Calendar.
As always be on your guard as these scams are coming from all directions.

A few months ago, spam came to Google Calendar. Now [...]

You might remember a while ago we mentioned MP3 spam, which in October last year was the latest evolution in spam.
Currently there is a new type annoying mail-server owners the world over, it’s known as NDR or Backscatter Spam and involved NDRs or Non Delivery Reports (those emails you get when you send a mail [...]

Looks like India has them moving into the hacking scene young, it’ll happen anywhere with decent network infrastructure and disparate levels of economy. Look at Eastern Europe and China as other examples, India though due to it’s outsourcing culture and plentiful legitimate jobs in the IT industry doesn’t seem to suffer so many problems with [...]

Malware authors are getting sneaky again, in the latest turn of events they have started encrypting your files and holding them at ransom!
You have to pay up to get the ‘decryptor’ and get access to your files again. This is pretty dangerous…and cunning too. It’s not easily broken either, they are using RSA 1024-bit encryption!

Kaspersky [...]

Vishing, now there’s a new term for you. Basically its Phishing - but utilising VoIP call services, which makes it very easy to spoof the Caller ID.
Even though Caller ID Spoofing was Made Illegal in the USA - people will still continue to do it, remember the FCC said it’s still easy to spoof caller [...]

It makes sense, spammers will follow whatever is popular, wherever the social mass is at and reading they will bombard.
In the earlier days Myspace was a big target, now they are moving on to other sites such as Facebook. Social networking sites are an ideal place for spammers as they can exploit the trust between [...]

It seems like spammers are now moving to automated spam via popular web mail services as a way to bypass IP-blacklisting services.
It’s a large advantage for them as they can still use botnet sources to generate the e-mail but the source IP address will be from a ‘trusted’ domain such as Gmail or Yahoo!.

The growing [...]

We wrote a while back about a new wave of sophisticated botnets, which were predicted to overtake Storm and become the largest infectors online.
It seems like it’s come true, after extensive research Damballa has uncovered the biggest botnet ever, which at present has over 400,000 unique IPs (in a space of only 24 hours) which [...]

These spammers and scammers are getting rather clever, and very sneaky. This is still epedemic and seems to be happening more and more. It takes a re-write of many of the large sites online..which frankly isn’t going to happen is it?
It just shows once again the spammers will think of all kinds of weird little [...]

It seems like botnets are getting more sophisticated - we thought the Storm Worm was pretty hot, but some of these new contenders are showing the guys on the dark side has some advanced understanding of technology and the architecture many companies use…this enables them to get deeper inside and remain undetected

Researchers have unearthed two [...]

Ah I think it’s time for controversy on a Tuesday, what do you think about this case where a hacker got some info on a company about it’s soon to be plummeting share prices by breaking into their computer. By investing $41,000 in stock potion trading on the shares that were about to drop - [...]

It seems like malware pushers have found another avenue to delivery their payloads, Embassy websites. Which makes sense as they are probably not maintained well nor updated often meaning the chance they are easily compromised is quite high.
Plus a lot probably use off the shelf CMS software, which when not updated is a playground for [...]

Another tale to do with advertising, it just goes to show it’s really not a good idea to run JavaScript from a 3rd party source on your site, especially if you don’t want your visitors redirected to a porn site!
This is just what happened to Perl.com a few days ago.

Visitors to Perl.com, the O’Reilly Media-owned [...]

Ah so Mr Alan Ralsky one of the biggest spammers of all-time is back in the news after his indictment with 10 others for running a large scale spam operation intended to inflate stocks artificially.
At one time it was thought Mr Ralsky and his friends were responsible for the majority of the spam sent, he’s [...]

It seems Phishing is have effects in ways that weren’t originally obvious, it comes back to the same topic we generally discuss here when it comes to security and consumers.
IGNORANCE.
Someone consumers see a Phishing attempt from ‘Brand X‘ as a negative against that brand…even though it has absolutely nothing to do with the brand and [...]

If you remember a while back we mentioned PDF & Image Attachment Spam - The New Problem with E-mail, now we have another ‘innovation’ in spamming..
MP3 spam!
It seems they are using it for the same old pump and dump tactics (Microcap stock fraud) to artificially inflate stock prices then sell out fast.

Spammers are back with [...]

The spam landscape has changed quite a lot in the last year or so with image spam and now the latest tactic is PDF and .zip attachments.
PDF’s of course being preferred by spammers as you don’t need to extract anything to view their spam, you just open it in your favourite PDF viewer and read [...]

I have noticed an increase in Spam activity lately, especially in Spam blog comments there has been a noticeable surge in the frequency and number.
That’s why we’ve implemented stricter measures against spammers on Darknet and our other sites.
It seems there has been a big raise in the number of bot infected systems, so it’s suggested [...]

I’ve known for a while you can buy software for spamming and MFA (Made for Adsense) site generation for a few hundred USD which utilises Google’s Blogger platform (blogspot.com sites).
You will have seen all the splogs as they are called (spam blogs) hosted on Blogger, a lot of them scrape Darknet articles and repost them [...]

As always, spam filters get better and smarter, but so do spammers..and frankly spammers have more to gain by beating the spam filters so they always work harder and think in more innovative ways.
As they get their spam resembling real emails more and more, the spam filters become less accurate.
On top of that they start [...]

Now this is a massive growth, 8000% percent..woah!
Thankfully losses are still ‘modest’ whatever that means, I guess although the attacks grow in
number, awareness an education also increases (in places like UK anyway) so the risk is fairly well mitigated.

UK incidents of phishing scams have grown 8,000 per cent over the last two years, according to [...]

It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam.
The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20.
20% of the people are sending 80% of the messages, one of the big groups is [...]

The battle is heating up between the spammers e360 and the anti-spam warlords Spamhaus, some say the Internet may meltdown if Spamhaus stops its service..
Some estimates say 80% of spam is stopped by Spamhaus and e-mail could suddenly shoot to a server melting rate if their service is pulled.

The legal battle between antispam organisation Spamhaus [...]

Hackers are switching targets now, companies are getting too hard to break into due to the availability of decently configured perimeter kit like firewalls and IDS.
Plus the information they do get if they manage to break in is often worthless commercially and really not worth the effort.
So instead, they target the end user, home bankers, [...]

Cyber and computer laws are always a grey area, they tend to be very vague and don’t cover specific technologies.
Spam is a good example, look at how long we’ve been getting spammed, and it’s been a SERIOUS problem for at least the last 5 years, spam legislation has only started coming in to effect in [...]

For those that didn’t see, there is a new all singing all dancing ‘light-weight’ Codec in town that is actually a trojan.
Indeed it’s not the first time we’ve seen this kind of thing.
The zCodec software actually messes with your DNS settings.

Users looking for the latest and greatest video software may not just be in danger [...]

Ah China, always been famous for repressing their population, now there repression is moving onto the Internet and using digital means..
Just like the so called ‘Great Firewall of China’, I’ve been meaning to do an article about that for quite some time, I have something drafted.
Anyway the latest thing China has done has made it [...]

Sometimes doing good can help bad things propogate, sometimes it’s good to consider the big picture and the repucussions of your charitable actions.
This is a case where such logic rings true.

Programs to send PCs to third world countries might inadvertently fuel the development of malware for hire scams, an anti-virus guru warns.
Eugene Kaspersky, head of [...]

Recently one of the sites I am developing for my self was link spammed. Some unpleasant individual decided that it would be fun to post 160 “comments” spread over all the blog posts. All the comments contained was URL’s. Even more stupid they used BB tags, but as I wrote the site it doesn’t use [...]

Splogs are becoming a huge problem, half the stuff you search for nowadays returns a splog, mostly auto syndicated content.
I find a lot of my own entries on there, surrounded by Adsense ads.
New age scrapers I guess.

Technorati returns a lot of results from splogs too, but at least they have made some efforts to clean [...]

Scammers are getting more inventive and so it seems more technically advanced. They have actually duplicated the Interpol site to dupe people.

419 advanced fee scammers have created an exact copy of the Interpol website, which is expected to be used to dupe victims into believing they are dealing with the real International Criminal Police Organisation.
A [...]

In my opinion, the best way to keep clean of spam is simple:
The first rule is NEVER reply to spam, NEVER click the unsubscribe link and NEVER e-mail to the unsubscribe address.
These are simply underhand tactics to get ‘active’ e-mail addresses.
Some other tips to avoid getting spammed in the first place:

1) Never use your [...]

Hmm Taiwan are really way ahead of everyone when it comes to being a spam hub, sadly that’s nothing to be proud of and generally it’s due to a large amount of poorly configured/unsecured servers.

Taiwan needs to start doing some vulnerability assessment! Taiwan and Korea have always had loads of open proxies/exploitable machines in my [...]

Sounds complicated, it’s almost a tongue-twister.
It turns out the carders (people using stolen credit card details fraudulently) have worked out how to get money out of the spammers (spamming being massive nowdays)
Fraudsters who deal in stolen credit card data have devised a means to extract money from sponsors of junk mail campaigns.

Carders have signed up [...]

So a friend of mine received a spam, which is not unusual, but this one was a little different.
This guy is in Malaysia, and the spam he usually receives is from all over the place, mostly US-centric, but this one was targetting Malaysians, Malaysian spammer producing Malaysian spam, is it the first?
I asked for him [...]