Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

  • Instant message filtering?

    • 128 Comments
    This is an idea that I have been thinking about for a while and that is the concept of instant message filtering. I don't get too much spam on my instant messenger (I use or have used ICQ, Yahoo IM, Windows/MSN/Live Messenger, AIM, gaim, and Office...
  • Spam from an Android botnet

    • 36 Comments
    I came across some interesting spam samples today. The messages all come from Yahoo Mail servers.  They are all from compromised Yahoo accounts.  They are sending all stock spam, the typical pump and dump variety that we’ve seen for years. But...
  • A bit more on that spam from an Android botnet

    • 19 Comments
    A quick follow-up on my previous post about spam from an Android botnet, there are a few things I need to point out: Sophos discovered the same thing on their Naked Security blog: The messages appear to originate from compromised Google Android smartphones...
  • No such thing as generic Viagra

    • 6 Comments
    We've all seen the ads in our spam filters at one time or another, some spammer advertising for generic Viagra, perhaps advertised as “Viakra” or something similar. Having worked with spam for a long time and having dealt with false positives that...
  • My Hotmail account has been compromised

    • 30 Comments
    Well, here’s something I didn’t expect to write about – my very own Hotmail account has had its username and password accosted by spammers! I have a very old one that I opened up years ago.  I use it to subscribe to bulk mail services and use it...
  • CNN spam

    • 26 Comments
    I've been seeing some CNN spam the past few days, that is, spam in the form of breaking news stories from CNN.com.  Below is a sample: These all look like legitimate news stories, and indeed, they probably are taken straight from an actual CNN news...
  • My new Best Buy $1000 Gift Card

    • 19 Comments
    Yesterday, I was browsing through Facebook.  I never really look at the ads on the right hand side of the page.  Or rather, I should say that I never click on them.  However, yesterday, my curiosity was piqued.  There was an ad that...
  • Best looking phish I've seen in a long time

    • 12 Comments
    A month ago one of our spam analysts came across a Bank of America phishing spam.  The thing about this one is that it is one of the best I've seen in a long time: This is very legitimate-looking.  The logo is legitimate, it has correct grammar...
  • Guest blogging on Forefront

    • 23 Comments
    So I am now a guest blogger on Forefront's Security blog (link in my links section).  Forefront is another division within Microsoft that provides security solutions for Enterprise. This afternoon, they came around and took some video footage of...
  • Phishing vs Spoofing

    • 1 Comments
    One of the things I've noticed amongst the public is the confusion between the terms phishing and spoofing. The two are not synonymous. Phishing attacks generally use spoofing as a strategy but spoofing attacks are not necessarily phishing. Spoofing is impersonating...
  • Microsoft .NET vs Java – trailer

    • 1 Comments
    Okay, a friend sent me this and I found it really funny.  Enjoy!
  • The gTLD of choice for spammers - .ru

    • 0 Comments
    I have been playing around with a little more statistics for the various botnets that I track.  Just for fun, I decided to pick two of them – lethic and bobax, and see what types of TLDs they were using to send out spam. This is kind of a tricky...
  • Buy stuff from Apple

    • 30 Comments
    Before being bought out by Microsoft, a lot of my co-workers bought stuff from Apple (mostly Mac laptops, but also iMacs).  I recently bought an iBook second hand, but in my team of 8 people, 4 have bought new MacBooks in the past 4 months.  A few people...
  • How much do spammers actually make?

    • 7 Comments
    Spammer X is an ex-spammer who has written a book called "Inside the Spam Cartel: Trade Secrets from the Dark Side."  He's a former spammer who retired in 2004 and has shared many of his tricks of the trade. He presented at the Spam Symposium...
  • The most commonly used programming language is also the most vulnerable

    • 2 Comments
    Earlier this week, Tiobe Software released a report showing its Tiobe index: The TIOBE Programming Community index is an indicator of the popularity of programming languages. The index is updated once a month. The ratings are based on the number of skilled...
  • Et tu, Fool?

    • 16 Comments
    I got the following email from the Motley Fool the other day, here are some excerpts: The two words Bill Gates doesn't want you to hear... They spooked the Microsoft founder into early retirement. Now they're going to bring down his empire and make a...
  • A couple of more chinks in Gmail's armour?

    • 6 Comments
    In the last few weeks, I've noticed that my Gmail account is getting more spam than it used to. Granted, it's maybe 1 or 2 per week but that's still more than the zero that everybody says it is. In the past couple of days, I've noticed some spam getting...
  • Sender authentication part 29: Some DomainKeys examples

    • 5 Comments
    Let's plow through a few real life examples. Here's an actual DomainKey Signature: Example 1 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.au; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version...
  • How rainbow tables work

    • 3 Comments
    This year, I heard the term “rainbow tables” in regards to passwords and how hackers use them to break encrypted passwords.  I originally looked it up on Wikipedia but I couldn’t understand what I was reading (now that I know what they are, it makes...
  • Frequency of spam - distribution by category

    • 9 Comments
    On another news website that talks about image-only spam, Craig Sprosts, senior product manager at IronPort says that they are generally seeing the same spam topics. "Drugs remain number one," says Sprosts. "We're seeing an increase in stock spam. Adult...
  • New spamming tactic?

    • 11 Comments
    Over the past couple of days, we've seen either the beginning of a new botnet tactic, or we changed something on our networks that is causing network problems. The shift in tactics is the amount of time that a bot will connect to our service, we issue...
  • Comment spam: Spammers vs morons

    • 11 Comments
    This post is a bit of a rant. On this particular blog, all of my commenters are quite intelligent.  You all provide good content and I try my best to respond to most of the comments.  The times I don't is because the connection screws up and...
  • Oops. Wish I could take that email back

    • 4 Comments
    I came across the Gmail blog the other day and they were announcing a handy little feature that lets you take back email messages before they are actually delivered to the Internet.  For example, let's say you were sending a friend a message: Hey...
  • Sender authentication part 21: Some recommendations

    • 4 Comments
    In documentation that Microsoft is going to release shortly, they have some recommendations on how to set up your SenderID records as well as a list of frequently asked questions. I will post a link to the relevant documents when they become available...
  • Note to MessageLabs... a little help?

    • 10 Comments
    This post is for any of my MessageLabs readers. I tried to send an email to my travel company today using my Gmail account (which I pop through Thunderbird). I got an NDR saying the following: This is an automatically generated Delivery Status Notification...