About This Blog   |   Archives   |   RSS Feeds RSS Feed   (What's RSS?)

Archive: November 2008

Srizbi Botnet Re-Emerges Despite Security Firm's Efforts

In the fallout resulting from knocking McColo Corp. offline, this past week may prove to be a missed opportunity in the prevention of a dramatic reappearance of junk e-mail, as a botnet that once controlled 40 percent of the world's...

By washingtonpost.com Editors | November 26, 2008; 6:06 PM ET | Comments (12)

Spam Volumes Expected to Rise with Botnet Resurrection

Spam volumes could rise considerably over the next few days now that one of the world's largest networks of compromised computers used for blasting out junk e-mail was brought back to life tonight. The "Srizbi" botnet, a collection of more...

By Brian Krebs | November 26, 2008; 12:05 AM ET | Comments (20)

Two Weeks Out, Spam Volumes Still Way Down

A full two weeks after a Web hosting firm identified by the computer security community as a major host of organizations engaged in spam activity was taken offline, the volume of spam sent globally each day has yet to bounce...

By Brian Krebs | November 25, 2008; 9:22 AM ET | Comments (6)

Pharmacy Extortionists Take on CIA, DoD, FBI, NSA

Extortionists targeting clients of Express Scripts -- one of the nation's largest pharmacy benefits management firms -- may have inadvertently picked a fight for which they were ill-prepared. Security Fix has learned that among the company's biggest customers is the...

By Brian Krebs | November 24, 2008; 6:16 PM ET | Comments (4)

Felony Spyware/Porn Charges Against Teacher Dropped

A substitute teacher in Connecticut who faced 40 years in prison for allegedly surfing porn Web sites in the presence of seventh graders has been cleared of the charges after state prosecutors dropped the case. The remarkable story of Julie...

By Brian Krebs | November 24, 2008; 10:11 AM ET | Comments (6)

Spamhaus: Microsoft Now 5th Most Spam Friendly ISP

Microsoft is rising quickly on a running list of the Top 10 Worst Spam Service ISPs as maintained by spamhaus.org, a group that tracks unsolicited commercial e-mail. The software giant debuted on the list earlier this month at number 9...

By Brian Krebs | November 21, 2008; 10:24 AM ET | Comments (10)

Peculiar Patch Pits iPhone Security vs. Safari

Earlier this year, Security Fix criticized Apple for making iPhone users wait for security updates that Apple had fixed in its other products four months earlier. Now, it appears that iPhone users may have received a patch for a critical...

By Brian Krebs | November 20, 2008; 8:46 PM ET | Comments (1)

Web Fraud 2.0: Faking Your Internet Address

One of the casualties from the unplugging of McColo Corp. is fraudcrew.com, a Web service that offered paying customers the ability to hide their identities online by routing their traffic through computers controlled by others. Fraudcrew, which has not been...

By Brian Krebs | November 20, 2008; 2:03 PM ET | Comments (2)

So Much Spam From One Place?

Washingtonpost.com today published a follow-up story to the pieces we ran last week on the unplugging of a California Web hosting company and the subsequent worldwide drop in spam levels. Today's piece tries to answer the question we heard from...

By Brian Krebs | November 18, 2008; 5:11 PM ET | Comments (5)

'Network Identity Theft' Politely Avenged

A massive swath of some 65,536 unique Internet addresses that appear to have been swiped from early Internet pioneers by a convicted spammer has been reclaimed by Internet regulators, Security Fix has learned. In April, Security Fix reported that a...

By Brian Krebs | November 18, 2008; 12:14 PM ET | Comments (2)

Critical Security Updates for Firefox, Safari

Apple and Mozilla have each issued updates to fix a large number of critical security flaws in their respective Safari and Firefox Web browsers. The Apple update, which brings Safari to version 3.2, is reportedly causing many users to experience...

By Brian Krebs | November 16, 2008; 10:33 PM ET | Comments (7)

A Closer Look at McColo

Yesterday, we published a story about Web hosting firm McColo being knocked offline after being accused by the computer security community of serving as a gateway to organizations engaged in spam activity. In trying to get a sense of the...

By Brian Krebs | November 13, 2008; 12:08 PM ET | Comments (22)

Spam Volumes Drop by Two-Thirds After Firm Goes Offline

The volume of junk e-mail sent worldwide plummeted on Tuesday after a Web hosting firm identified by the computer security community as a major host of organizations engaged in spam activity was taken offline. (Note: A link to the full...

By Brian Krebs | November 12, 2008; 1:07 PM ET | Comments (13)

Major Source of Online Scams and Spams Knocked Offline

A U.S. based Web hosting firm that security experts say was responsible for facilitating more than 75 percent of the junk e-mail blasted out each day globally has been knocked offline following reports from Security Fix on evidence gathered about...

By Brian Krebs | November 11, 2008; 7:06 PM ET | Comments (58)

Pharmacy Processor Offers $1M Reward to ID Extortionists

Express Scripts, the nation's third largest pharmacy benefits management company, is offering a $1 million reward for information leading to the arrest and conviction of the individual(s) responsible for trying to extort money from the company. The St. Louis-based firm...

By Brian Krebs | November 11, 2008; 5:46 PM ET | Comments (1)

Microsoft Patches Four Windows Security Holes

Microsoft today released a pair of security updates to plug at least four security holes in its Windows operating systems and other software. The software patches are available through Windows Update or via Automatic Updates. One of the patches earned...

By Brian Krebs | November 11, 2008; 2:34 PM ET | Comments (0)

VISA to Enforce Payment Card Security in Europe

Update, 1:20 p.m.: A major correction is in order for this story: A spokesman for Visa just contacted me to say that the new deadlines actually apply to all non-U.S. retailers except those in Europe. The spokesman said Visa Europe...

By Brian Krebs | November 11, 2008; 11:50 AM ET | Comments (1)

Extortionists Target Major Pharmacy Processor

One of the nation's largest processors of pharmacy prescriptions said Thursday that extortionists are threatening to disclose personal and medical information on millions of Americans if the company fails to meet payment demands. St. Louis-based Express Scripts said that in...

By Brian Krebs | November 7, 2008; 7:55 AM ET | Comments (16)

Researchers Hijack Storm Worm to Track Profits

A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam. Over a period of about...

By Brian Krebs | November 6, 2008; 5:39 PM ET | Comments (4)

Malware Piggybacks on Obama Win

Cyber criminals are blasting out massive amounts of spam touting a video of President-elect Barack Obama's victory speech. Recipients who click the included link are taken to a site that prompts visitors to install an Adobe Flash Player update. The...

By Brian Krebs | November 5, 2008; 2:12 PM ET | Comments (5)

Adobe Issues Critical Acrobat, Reader Updates

Adobe has issued a software update to fix at least eight security flaws in its Acrobat and Adobe Reader applications, that if left unpatched could be used by attackers to take control of vulnerable systems, the company said. The vulnerabilities...

By Brian Krebs | November 5, 2008; 7:00 AM ET | Comments (11)

Election Hoax Sent Via D.C. Based E-Campaign Group

An e-mail hoax telling 35,000 George Mason University students, faculty and staff, that the election had been moved to Nov. 5, was sent through servers run by a D.C. based company that seeks to help political campaigns promote their messages...

By Brian Krebs | November 4, 2008; 1:56 PM ET | Comments (24)

GMU E-Mail Hoax: Election Day Moved to Nov. 5

Unknown hackers broke into George Mason University's e-mail system and sent students a forged message from the school's provost early this morning stating that Election Day had been moved to Nov. 5. The messaged, dated 1:16 a.m., Nov. 4, with...

By Brian Krebs | November 4, 2008; 10:36 AM ET | Comments (45)

Taming Vista's User Account Control Pop-Ups

Microsoft Vista users fed up with the incessant security prompts from the operating system's "user access control" feature can now spend less time clicking on the pop-ups. Symantec Corp. has released a free tool that adds a simple "don't ask...

By Brian Krebs | November 4, 2008; 10:30 AM ET | Comments (1)

Microsoft Security Report: A Mixed Bag

Microsoft's successes in producing more secure software are being offset in part by organized cyber criminals, who continue to make inroads into customer PCs largely through faulty third-party software and old-fashioned trickery, the software giant said in a report released...

By Brian Krebs | November 3, 2008; 1:39 PM ET | Comments (0)

 

©  The Washington Post Company