Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

March, 2010

  • Geeks all trust each other but not in China

    • 0 Comments
    Brian Krebs has a post up today on his blog indicating that the amount of spam ending in .cn has declined dramatically due to steps taken by the Chinese government making it more difficult to get a domain ending in .cn: In mid-December 2009, the China...
  • US leads in cybersecurity/US does not lead in cybersecurity

    • 0 Comments
    Depending on the articles you read, the US is either a leader in cybersecurity or it isn’t.  According to an article from the E-CommerceTimes: A new bill introduced in the Senate on Tuesday aims to put the United States in a leading role in the global...
  • Survey request from Forefront Server Protection team

    • 0 Comments
    My friends over in the Forefront Server Protection team have asked me to post a survey on my blog, and I have agreed to do so.  They are conducting research to understand what applications you would like to protect, and how you would like them protected...
  • A bit about Zeus

    • 0 Comments
    As I posted a couple of weeks ago, the Zeus botnet was partially taken down after researchers worked with ISPs to disconnect them.  Even though this victory was only short-lived, it’s still nice to know that botnets can be targeted for...
  • Russian spam stats

    • 0 Comments
    I was checking out a blog post by Dancho Danchev on ZDnet; he has some interesting statistics on Russian spam.  In it, he describes how much spam is Russian and how much money they are making.  Rather than summarize his views, I thought I would...
  • The Google vs China standoff

    • 2 Comments
    CircleID has an update on the latest Google vs China standoff: Earlier this year Google made the announcement that it is reviewing its business operations in China and considering possible closure due to China's cyberattacks and limits on free speech...
  • Twitter moves to mitigate abuse

    • 1 Comment
    Twitter recently announced that it is taking action to mitigate spam and abuse of its service: A couple weeks ago, Biz explained how Twitter users were being victimized by phishing scams spread primarily through links in Direct Messages. Basically, people click...
  • Spam trend this week – new malware targeting Facebook

    • 0 Comments
    One of our spam analysts who works out of our Dublin, Ireland office, Kai Yu, wrote this on our internal malware blog.  I am reposting it here because I think that it is an important topic for this past week. Since March 17th, there has been a large...
  • Abusive users

    • 2 Comments
    I have a YouTube account with a bunch of my videos on it, and about two months ago I was contacted by another magician.  He was commenting on my version of Any Card, wherein any named card appears at any named number in the deck.  It’s an incredible...
  • What we know (and learned) from the Waledac takedown

    • 0 Comments
    I was originally going to post excerpts from this and add my comments, but I have decided to post the whole thing.  Jeff Williams is part of Microsoft’s Malware Protection Center, and posted this on the MMPC blog.  I am reprinting it in its...
  • A little love for the Waledac takedown after all

    • 0 Comments
    On another corner of the Internet, ThreatPost reports that Microsoft’s Waledac takedown a couple of weeks ago did, in fact, have far-reaching impact. While some on the Internet were claiming that Microsoft’s actions had little to no effect, it turns...
  • A bit more on stolen information

    • 2 Comments
    In my previous post, I called attention to a story where a bank employee in Switzerland stole information from HSBC’s list of clients and gave (or more probably, sold) it to the French government.  The government intended to use the data to go after...
  • Stolen information from a bank… and *not* from phishing!

    • 0 Comments
    On Friday, I went to Bloomberg’s financial page and browsed a few articles.  I read an article which stated that HSBC revealed that a former employee stole details on 15,000 existing user accounts: March 11 (Bloomberg) -- HSBC Holdings Plc’s Swiss...
  • Microsoft sues spammer for spimming

    • 0 Comments
    Instant messaging spam, or spim (Spam over IM), is not something I have a lot of experience with.  However, yesterday (Thursday, March 11), Microsoft announced that it reached a settlement with Funmobile, a company it sued last July, accusing it...
  • Another one (partially) bites the dust

    • 0 Comments
    Following in the footsteps of Lethic, Waledac and Mariposa, yet another botnet has been taken offline.  Not completely, though; it was only a partial disconnect.  The Zeus botnet, also known as Zbot, is a trojan password stealer that captures...
  • What do my stats say on Waledac’s takedown?

    • 0 Comments
    In my previous post, I wrote that other security researchers didn’t find much impact after Microsoft obtained a court order to take down 270+ domains associated with the Waledac botnet. What do my own statistics say? Waledac is one of the smaller...
  • No love for Microsoft’s Waledac takedown

    • 1 Comment
    A couple of weeks ago, I wrote on the story that Microsoft had obtained a court order to take down numerous domains associated with the Waledac botnet.  It’s now been a period of time since then.  Did the takedown actually affect spam levels out of...
  • What’s the break down of spam?

    • 0 Comments
    I see on Symantec’s Twitter feed that roughly 82% of all spam is pharmaceutical spam. Pharmaceutical spam now accounts for 81.9% of all spam. Europe is more likely to receive it than other regions, and Asian ones least of all. My own...
  • Malware in a nutshell

    • 2 Comments
    I was browsing YouTube today and I found an online video starring David Perry of Trend Micro.  Perry explains the nature of various web-based threats using building blocks.  It’s actually a pretty good introduction for those who don’t understand...
  • How much do botnets re-use their IPs?

    • 7 Comments
    One of the assumptions that I have long held about botnets is that they grab a compromised computer, spam it like crazy and then abandon it once it lands on an RBL.  Eventually, this RBL delists it due to dormant activity, and later on the botnet...
  • Not a great week for outbound spam

    • 0 Comments
    It hasn’t been a great week this week (March 1-5) for some of our customers who use us for outbound mail relay.  I’m not going to name names because there have been a wide variety of users, but every single day this week we have had one or two organizations...
  • Authorities take down the Mariposa botnet

    • 0 Comments
    There are a number of sources talking about the takedown of the Mariposa botnet; here are a few of the good ones: The Associated Press details the story and talks about the technical aspects of the takedown. Boing Boing only has an excerpt.  Nothing...
  • Why send spam over TLS?

    • 5 Comments
    In my previous post, I noted that Rustock had started sending us a whole pile of spam over the TLS protocol.  The question now is why do it at all?  I mentioned in my post that this is clever behavior and one of my readers posted in a comment...
  • More spam via TLS

    • 4 Comments
    The other day, one of our architects was tinkering around and discovered that approximately 40% of the total inbound connections to our network were connecting to us via TLS.  This seemed to be a rather high number, so that spurred an investigation...
  • Old fashioned security

    • 0 Comments
    Via xkcd.