If you haven’t noticed lately, spam levels around the world have started dropping especially in October after a couple of events occurred.  The first is a Russian crackdown on alleged spam king Igor Gusev, thought to be involved in the operations...

If imitation is the sincerest form of flattery, then this has to be good news for Microsoft.  F-Secure recently found a piece of malware that spoofed Microsoft Security Essentials.  Here’s a link to the article : "Not only does this fake...

I have a stock trading account (actually, I have 4 – two that I used to use but no longer do and can’t seem to close, and one I signed up for and never used and can’t seem to close).  I get a daily email every day with a morning briefing that I sometimes...

As I was saying in my previous post, when it comes to measuring effectiveness you need to take a lot of samples in order to do it properly from a statistical point of view.  This makes it difficult to attain accurate metrics unless you have a pretty...

There are a few organizations out there that measure the effectiveness of various vendors – Virus Bulletin, West Coast Labs, and ICSA to name a few.  These vendors will compare and measure a particular filter’s spam effectiveness on a scale of 1...

Two weeks ago, Microsoft started detecting the Zeus malware in its Malicious Software Removal Tool, a free piece of software that Microsoft provides to Windows users that removes malware from their computers (the MSRT is not real-time so you still need...

This morning, my co-worker and myself had another disagreement.  This time, it was on the nature of words and their meaning, as well as best practices for mailers. Now, if my regular readers haven’t figured it out by now, my position when it comes...

Via Dilbert .

A couple of days ago, Threatpost posted an article indicating that the United States is the most bot-infected country: The U.S. has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected...

Well, this doesn’t reflect well on Microsoft.  Two IPs belonging to the Microsoft-owned IP space where discovered hosting pharmaceutical spam, and a couple of weeks earlier had been used in a DOS attack against the website KrebsOnSecurity . ...

Today, Microsoft released its 9th edition of the Security Intelligence Report.  You can download the full pdf version here if you so desire.  SIRv9 covers the period of time from January to June 2010.  It contains all of Microsoft’s data...

Over the past year, one of the complaints that we have gotten around spam filtering is filtering out gray mail.  For those of you who don’t know what gray mail is, it is marketing or bulk mail that is sent out en masse and may or may not be wanted...

As a guy who works in the computer security industry, I am well aware of all the advice that we give.  Use different passwords at multiple sites that you login to.  Always install the latest software updates.  Run antivirus programs. ...

At the end of July, Paul Vixie wrote a post entitled Taking Back the DNS wherein he proposed the use of a new technology called the Response Policy Zone, or RPZ (you can read the current draft here , it’s rather implementation specific).  The RPZ...

I was reading Richi Jennings blog and his recent post about whether or not ISPs should cut off infected users from the Internet, that is, if they detect that the user’s machine is infected, do not allow that machine to browse the Internet and instead...

The Register reports today that a glitch on the SORBS blocklist over the past 24 hours ended up causing many thousands of legitimate emails to be blocked: The problems at SORBS — short for the Spam and Open Relay Blocking System — began on Wednesday and...

Last week, I was at the Virus Bulletin conference where one of the presenters, Igor Muttik of McAfee , presented a different approach to measuring a filter’s effectiveness, especially when it comes to zero-day malware.  I will attempt to paraphrase...

Via The Oatmeal , posted by a friend of mine on Facebook: The joke here is that sending a file via email that is 12 MB in size, printing it off, signing it and faxing it back is an unrealistic ask and makes inefficient use of Internet resources. ...