Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English


    Classic Viagra spam

    • 0 Comments
    It's been a while since I processed the spam abuse inbox, but I came across the following spam message today. Usee \/ i a g r /\ Proo and all wmoen wiill be yorus. Etxend the qualtiy of yoour sxeual perfromance with Ge |\| eerik \/ i a g r /\. ...

    Sender authentication part 19: How spammers evade SPF

    • 6 Comments
    How would a spammer get around SPF? One way is the method used by Spammer-X in his book Inside the Spam Cartel. Spammer-X is a retired spammer (so he says) and goes into a lot of the details in his book. I'll give a review when I'm done this series on...

    Oil and Gas Cyber Security Forum

    • 2 Comments
    A reader recently brought to my attention an upcoming conference in London in the UK – The Oil and Gas Cyber Security Forum. Here’s a little blurb: Despite investments into state of the art technology, a majority of the oil and gas industry remain...

    Think China is the top spamming country? Think again.

    • 4 Comments
    I've been doing some research internally to prepare for Microsoft's next Security and Intelligence report, but I thought I'd give my readers a sneak preview.  These numbers are quite surprising so I thought I'd share them. In my department, we block...

    Closing in on the Google hackers

    • 9 Comments
    Joseph Menn has an article on CNN.com wherein the crux of the story is that US experts are closing in on the hackers that broke into Google last month.  It is believed by some that the Chinese government sponsored these hackers.  China, naturally...

    A comparison of antispam vendors

    • 3 Comments
    InfoWorld recently released a report where they compared the effectiveness of various spam filters.  It's mostly about on-premise anti-spam appliances.  They do touch on hosted solutions but don't go into much detail.  At the end, they...

    10,000 different versions of Viagra

    • 0 Comments
    Viagra spam continues to be the most uniquely spammed product. By unique, what I mean is if you take a specific product, be it a Rolex, mortgage refinance or university degree, Viagra occurs more often than any other product. I never realized how much...

    Gmail disappointing me... a lot like Walmart

    • 6 Comments
    In the past week or so, I have been getting quite a bit of spam in my Gmail account. It's not image spam, it's stock spam. I blogged a few months ago that Gmail was allowing lots of spam through (no pun intended) but that may have been because an email...

    Sender authentication part 9: SPF Syntax

    • 3 Comments
    This is essentially going to be a summary of the information that appears on the OpenSPF documentation web page. Really, what else can I say that isn't said there? But, if you're like me and rarely bother clicking on links inside of blog posts and would...

    How Win32/FakeSysdef Corrupts Your Computer

    • 0 Comments
    Microsoft’s Trustworthy Computing group, which publishes the biannual Security Intelligence Report (of which I am a contributing author and reviewer) has published a new video entitled “How Win32/FakeSysdef Corrupts your Computer.”  In it, it shows...

    How to hack weak passwords

    • 5 Comments
    I was doing my daily stock market research when I happened to come across this article on the strength of passwords and how a hacker would go about trying to steal your password. It's an interesting read. The writer basically goes into a brute-force...

    Does the computer security industry give good or realistic advice?

    • 9 Comments
    As a guy who works in the computer security industry, I am well aware of all the advice that we give.  Use different passwords at multiple sites that you login to.  Always install the latest software updates.  Run antivirus programs. ...

    Sender authentication part 8: Best-Guess SPF

    • 5 Comments
    I've had a document sitting on my shelf (i.e., the window-sill 10 feet away from my desk) for about 6 months now just waiting to be read. It's entitled Sender Reputation in a Large Webmail Service. It's by Bradley Taylor, at Google, and is available to...

    Sender authentication part 15: How SenderID interprets SPF records

    • 2 Comments
    In my last post, we were introduced to the new SPF record syntax that is specifically designed for SenderID. The question now is how does SenderID treat SPF records that were originally designed to be used with SPF? SenderID allows the spam filter to...

    Follow up on strengths and weaknesses

    • 1 Comments
    As a follow up from my previous post, I've calmed down a bit and started to regain my calm, Zen-like demeanor. I have not managed to get the new filter out there.  However, I have devised a scheme wherein we can monitor potential FPs closely. ...

    Why silently dropping mail is a bad idea

    • 4 Comments
    As someone who is responsible for filtering mail, there are a number of options that we have when it comes to filtering spam.  We can do any of the following: Reject it in SMTP with an error message Quarantine the message to cloud storage Mark it...

    New Facebook worm

    • 1 Comments
    This morning, I was once again browsing through my Facebook lists (man, Facebook really is a gold mine of material for the cybersecurity world, isn’t it?).  I came across something a friend of mine posted, it is entitled “My ex-girlfriend of 2 years...

    Cybersecurity and the federal government

    • 2 Comments
    A couple of weeks ago, I was blogging about whether or not cybersecurity should be managed, or overseen, from the White House. The Obama administration during the campaign was in favor of having a cabinet level post, a so-called Cyber-czar. Leaving...

    Sender Authentication part 1: The basics of sending email

    • 6 Comments
    This is my first post in my series on email authentication. In order to understand how to authenticate the sender of an email, we need to understand how email works. I remember back in my 4th year of university when we learned how to send "fake" email...

    Looking for some Mac blogging software

    • 6 Comments
    A couple of months ago I downloaded Windows Live Writer. As far as blog publishing tools go, this is all the blogging software that I need. I can pick which blog I want, write a post, and then click upload. Other than editing posts later on (which...

    The Merits and Hazards of Two-Point Filtering

    • 11 Comments
    In my previous post, I defined Two-Point Filtering as the process of using an end-user feedback loop to train a spam filter without verification of the user classifications. I borrowed the Web 2.0 term to refer to the greater community of people contributing...

    Funny spam image

    • 2 Comments
    I was surfing the web looking for spam images for a presentation and came across the following.  Very amusing.

    Cracking ReCAPTCHA

    • 4 Comments
    I was browsing Dark Reading today and came across an article they published 4 days ago. A researcher has broken reCAPTCHA, that is a CAPTCHA software tool that many websites use to tell the difference between a human and a computer. It is...

    Blocking executable content in Office 365 for more aggressive anti-malware protection

    • 2 Comments
    Sometimes, spammers and malware writers create malware that passes through our service and arrives in customer inboxes. This is known as zero-day malware. The anti-malware engines that we use have not yet created signatures for them, and sometimes the...

    The problem of backscatter, part 9 - Block it with content analysis

    • 4 Comments
    We can see how backscatter is a problem, so how do we go about stopping it?  What are some of the techniques we can employ to keep it out of our inboxes? One such technique is to block all NDR messages, or at least tag phrases and characteristics...