The spam filter has run amok

My MovableType spam defenses have kind of run amok. It was letting through a ton of spam which led me to disable anonymous comments. For its next trick it decided to trash valid comments. The first method used for trashing valid comments was a rule that http:// shouldn’t appear in the commenter’s name field. That …

Continue reading ‘The spam filter has run amok’ »

ISC Diary: Spam Storm effecting Canada

Today’s SANS handler diary notes a SPAM storm is effecting the availability of mail servers at some companies in Canada. Its always amusing to note spammer mistakes in formulating the email addresses. In this case it looks like they are using $firstname$randomword$lastname. That’s not going to work very well. ๐Ÿ™‚ The sheer volume, is causing …

Continue reading ‘ISC Diary: Spam Storm effecting Canada’ »

FDF Spam

F-Secure is reporting in their blog that they are seeing spam in FDF file attachments. FDF files will open in Adobe Reader. Spammers are using this as their latest attempt to bypass spam filters.

GCW: Coast Guard Mandates Anti-Phishing Training

According to a Government Computing News article, the Coast Guard is requiring all of its computer users to “take mandatory training on how to avoid fake e-mail messages that try to acquire sensitive data in a technique known as phishing and even more highly targeted attacks known as spear phishing.” That reminds me of a …

Continue reading ‘GCW: Coast Guard Mandates Anti-Phishing Training’ »

Your gmail addressbook may have been exposed

According to various web reports, Google was using javascript to store your Gmail address book while you’re logged in. As a result if you are logged into gmail, any other website you visit could request your Gmail addressbook. This flaw has now been resolved, but it does give one pause about the danger of javascript.