Global spam levels drop following certain events

If you haven’t noticed lately, spam levels around the world have started dropping, especially in October, after a couple of events occurred.  The first is a Russian crackdown on alleged spam king Igor Gusev, thought to be involved in the operations of SpamIt.com.  SpamIt mysteriously shut down in late September, perhaps because Gusev caught wind…

You know you’ve made it when others start to copy you

If imitation is the sincerest form of flattery, then this has to be good news for Microsoft.  F-Secure recently found a piece of malware that spoofed Microsoft Security Essentials.  Here’s a link to the article: "Not only does this fake tool steal Microsoft’s brand, it also features a bizarre matrix display of 32 antivirus products,…

My broker is giving out cyber advice

I have a stock trading account (actually, I have 4 – two that I used to use but no longer do and can’t seem to close, and one I signed up for and never used and can’t seem to close).  I get a daily email every day with a morning briefing that I sometimes read…

Measuring spam effectiveness – the flip side of false positives

As I was saying in my previous post, when it comes to measuring effectiveness you need to take a lot of samples in order to do it properly from a statistical point of view.  This makes it difficult to attain accurate metrics unless you have a pretty impressive infrastructure. The flip side, measuring how well…

Why you need large data sets to measure yourself effectively

There are a few organizations out there that measure the effectiveness of various vendors – Virus Bulletin, West Coast Labs, and ICSA to name a few.  These vendors will compare and measure a particular filter’s spam effectiveness on a scale of 1-100%, and the false positive ratio.  Measuring spam effectiveness isn’t all that difficult.  Spam…

MSRT tool cleaning up Zeus-related malware

Two weeks ago, Microsoft started detecting the Zeus malware in its Malicious Software Removal Tool, a free piece of software that Microsoft provides to Windows users that removes malware from their computers (the MSRT is not real-time, so you still need real-time antimalware software like AVG, Kaspersky or Microsoft Security Essentials).  From PC…

Should vs Must

This morning, my co-worker and I had another disagreement.  This time, it was on the nature of words and their meaning, as well as best practices for mailers. Now, if my regular readers haven’t figured it out by now, my position when it comes to technology is that it’s a tool used by humans to…

Some Dilbert humor

Via Dilbert.

United States is the most bot-infected country. Right?

A couple of days ago, Threatpost posted an article indicating that the United States is the most bot-infected country: The U.S. has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected PCs as the country in second place, Brazil, according to a new…

Microsoft IP space caught hosting spam

Well, this doesn’t reflect well on Microsoft.  Two IPs belonging to the Microsoft-owned IP space were discovered hosting pharmaceutical spam, and a couple of weeks earlier had been used in a DoS attack against the website KrebsOnSecurity.  From ComputerWorld: Microsoft blamed human error after two computers on its network were hacked and then misused by…

Microsoft releases its Security Intelligence Report, version 9

Today, Microsoft released its 9th edition of the Security Intelligence Report.  You can download the full PDF version here if you so desire.  SIRv9 covers the period of time from January to June 2010.  It contains all of Microsoft’s data and analysis surrounding threats in the cyber world. The nice thing about SIRv9 is that…

Does handing out business cards constitute opt-in?

Over the past year, one of the complaints that we have gotten around spam filtering is filtering out gray mail.  For those of you who don’t know what gray mail is, it is marketing or bulk mail that is sent out en masse and may or may not be wanted by the recipient.  Of course,…

Does the computer security industry give good or realistic advice?

As a guy who works in the computer security industry, I am well aware of all the advice that we give.  Use different passwords at multiple sites that you log in to.  Always install the latest software updates.  Run antivirus programs.  And for heaven’s sake, don’t click on any links in spam!  We sometimes get frustrated…

The RPZ

At the end of July, Paul Vixie wrote a post entitled Taking Back the DNS wherein he proposed the use of a new technology called the Response Policy Zone, or RPZ (you can read the current draft here; it’s rather implementation-specific).  The RPZ is essentially a DNSBL at the routing layer for Internet traffic. …

ISPs cutting off infected users

I was reading Richi Jennings’ blog and his recent post about whether or not ISPs should cut off infected users from the Internet, that is, if they detect that the user’s machine is infected, do not allow that machine to browse the Internet and instead either disallow the user from sending out any internet traffic…
