Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

  • Terry Zink: Security Talk

    How China steals our secrets

    • 0 Comments
    Former US counter terrorism director Richard Clarke has another article up in the New York Times entitled “ How China Steals Our Secrets .”  It’s similar to an article that I wrote about last week.  In it, he recounts how nearly all US companies...
  • Terry Zink: Security Talk

    Former US counter-terrorism director speculates who was behind the Stuxnet attack, and talks about China’s role in espionage

    • 1 Comments
    The title of this post is a record for my longest post title ever.  But I had to get everything in there lest you think this blog post is only on one topic. The story of Stuxnet occurred in 2010 and it seems like forever ago.  And since that...
  • Terry Zink: Security Talk

    U.S. Outgunned in Hacker War

    • 0 Comments
    The Wall Street Journal has an article up today with an interview with outgoing head of the FBI’s cyber crime investigation Shawn Henry.  In it, he has a blunt assessment of the US’s capabilities when it comes to combatting online crime, especially...
  • Terry Zink: Security Talk

    Top Anonymous/LulzSec hacker caught

    • 0 Comments
    This is an old story (where old > 2 weeks), but I still want to write about it. Nine months ago, I wrote a post where LulzSec decided, after 9 weeks of mischief, to call it quits .  This was in June, 2011. About three weeks ago, the FBI announced...
  • Terry Zink: Security Talk

    Spam catch rates drop

    • 0 Comments
    I was reading All Spammed Up’s recent post entitled Are Spam Filters really that Bad?   It is referring to the latest test to come out of Virus Bulletin where they measure the efficacy of a variety of antispam products: In the latest VBSpam comparative...
  • Terry Zink: Security Talk

    Has the Zeus disruption affected spam at all?

    • 0 Comments
    I’ve written a number of times in the past about which botnets send us the most spam.  Cutwail is always in the top 3. With the Zeus disruption, has this affected Cutwail at all?  Cutwail is not necessarily related to Zeus; as I said in my previous...
  • Terry Zink: Security Talk

    Microsoft disrupts the Zeus infrastructure

    • 0 Comments
    Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet.  When I say “botnet”, I use the term loosely because Zeus is not a botnet in the...
  • Terry Zink: Security Talk

    Think SPF is widely deployed? Think again.

    • 3 Comments
    With all the hoopla surrounding DMARC, I thought I would take the time to see how SPF is functioning in real life, at least in our network. According to DMARC documentation, SPF and DKIM adoption is reaching critical mass (see page 5 of that link): Over...
  • Terry Zink: Security Talk

    Internet pharmacies and bad registrars

    • 0 Comments
    Last week, Krebs on Security reported on how 50% of online pharmacies’ domains are registered on only two different registrars – Internet.bs (what a curious name) and Ukranian Names.  Internet registrar watchdog Knujon also released a report about...
  • Terry Zink: Security Talk

    The pros and cons of graylisting

    • 0 Comments
    Graylisting is an antispam technique that works by taking advantage of sender reputation.  Specifically, the lack of a good or bad reputation gives the sender a chance to prove themselves worthy of delivery.  The basic idea is that a good sender...
  • Terry Zink: Security Talk

    Predicting the future of abuse, part 2

    • 0 Comments
    Following on from my previous post, what does the future of Internet abuse look like?  Here’s what I think: The proliferation of smaller devices will shift malware away from PCs to phones and tablets Crime will not go away.  The reason criminals...
  • Terry Zink: Security Talk

    Predicting the future of abuse

    • 0 Comments
    A couple of months ago, I wrote about IBM’s predictions for 2016 , and one of those was that there would be no more spam.  As I look around at other predictions about the future, I say to myself “Self, what do I think will be the future of abuse...
  • Terry Zink: Security Talk

    Argh! Spoofed email got me again!

    • 1 Comments
    A couple of weeks ago, I was checking email on my phone and I got a spoofed email from Stratfor saying that the CEO of the company stepped down.  I initially fell for it because I couldn’t see the formatting of the email, I only had a sub-optimally...
  • Terry Zink: Security Talk

    How Google is fighting back against Android threats

    • 1 Comments
    Following on from my previous post on Android threats (this post is based upon research of Google’s Bouncer feature), Google’s strategy to combat Maldroids is four-fold: Prevent security issues from occurring Minimize the impact of any security issues...
  • Terry Zink: Security Talk

    What Android threats look like

    • 0 Comments
    I’ve been doing some reading recently on Android threats, specifically some stuff by Eric Chien, Technical Directory of Security Technology and Response at Symantec.  Anything you read here is not stuff I’ve come up with myself, but rather, based...
  • Terry Zink: Security Talk

    How much money do spammers make?

    • 0 Comments
    I recently had a chance to read a report out of the University of California at San Diego by Chris Kanich (among others).  I also had a chance to hear him speak about the topic – Show Me The Money!  This post contains my notes with some photos...
  • Terry Zink: Security Talk

    The Top 3 Emerging Threats on the Internet

    • 0 Comments
    Last week at RSA, Bruce Schneier gave a talk on the top 3 emerging threats on the Internet.  Whereas we in the security field usually talk about spam, malware and cyber crime, he talked about three meta-trends that all have the potential to be more...
  • Terry Zink: Security Talk

    Why managing multiple usernames and passwords sucks

    • 1 Comments
    I have way too many user accounts.  I can’t use the same password everywhere, but so many of these also force me to use different usernames.  I can’t remember them! I went to the web page for Morgan Stanley Smith Barney and I forgot my username...
  • Terry Zink: Security Talk

    I’m a SpamCop

    • 0 Comments
    Below is a 6-minute video, starring me (among others) about what it’s like to be a SpamCop.   When I filmed it, I remember thinking “Gee, this will be entertaining!”  But when I saw it on the big screen with everyone watching, I thought “Gee...
  • Terry Zink: Security Talk

    How did WikiLeaks get the Stratfor emails?

    • 0 Comments
    As a follow up to my previous post, I’d like to comment on the Reuters article where WikiLeaks is publishing hundreds of thousands of internal emails from security think tank Stratfor: WikiLeaks did not say how it had acquired access to the vast haul...
  • Terry Zink: Security Talk

    The Stratfor hack – the gift that keeps on taking

    • 0 Comments
    I admit, I was fooled. As I’ve written previously , private intelligence service Stratfor was hacked in December, my information was leaked and since then I’ve been getting spear phishing messages.  Yesterday, I got another one and I admit, I was...
  • Terry Zink: Security Talk

    Misconceptions about spam

    • 0 Comments
    Sometimes I hear people or read writers that say things about spam that are incorrect.  I thought I would clear those up in this blog post. December is spam season When the holidays roll around, people start warning other people to watch their inboxes...
  • Terry Zink: Security Talk

    MAAWG updates its name

    • 0 Comments
    If you’ve been to the MAAWG web page lately, you may have noticed that they have updated their name and logo: The big change is the expansion from a focus primarily on spam to spam, malware (on computers), and mobile malware. I wrote back in October 2009...
  • Terry Zink: Security Talk

    Hotmail and Gmail are tied in antispam effectiveness

    • 2 Comments
    A couple of days ago, the New York Times reported on a study by Cascade Insights that measured the effectiveness of the spam filters in Gmail, Hotmail, and Yahoo Mail.  The results?  Hotmail and Gmail are about equal in terms of how good they...
  • Terry Zink: Security Talk

    Anonymous plans to go after DNS root servers. What will be the US’s response?

    • 6 Comments
    The other day on pastebin , snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet’s root name servers: To protest SOPA, Wallstreet, our irresponsible leaders...
Page 8 of 46 (1,145 items) «678910»