Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
|
|
 |
2011-12-23 17:39 GMT |
| Spamhaus has observed a newer type of distributed denial-of-service attack (DDoS) which has only recently become popular among cybercriminals. In just the past month, several attacks using this method have been investigated by private security firms and law enforcement agencies. During December 2011, Spamhaus sustained an SNMP D... (>) |
|
|
2011-11-15 11:11 GMT |
| After the November 9, 2011 successful law-enforcement dismantling of a huge cybercrime network in an operation dubbed 'Ghost Click', questions were raised as to what Internet Service Providers (ISPs) could have been doing to protect their users, and the internet, from this botnet(>) |
|
|
2011-11-09 20:13 GMT |
| On November 9, 2011 the FBI announced the successful dismantling of a huge cybercrime network in an operation dubbed 'Ghost Click'. The target of this joint US and Estonian law enforcement operation is the ROKSO listed gang Rove Digital.(>) |
|
|
2011-11-01 16:57 GMT |
| This week sees the arrival of LondonCyber, a conference organised by the British Government's Foreign Office and reported to have been so thoroughly stage-managed that the media have been carefully kettled away in a special media centre to ensure they are not allowed to directly interact with any of the attendees.
While many ... (>) |
|
|
2011-10-14 06:26 GMT |
| If The Netherlands has penalties for filing false reports and wasting police time, Dutch ISP 'A2B Internet' will be looking at a hefty fine. The owner of the small Dutch transit ISP claimed on Tuesday 11 Oct to have filed a report with local police in the Dutch region of Zaanstreek-Waterland accusing Spamhaus of "extortion" and ... (>) |
|
|
2011-10-03 14:43 GMT |
| If one admonishes for poor practice, one should encourage better practice.
On Friday we wrote about an email sent by the UK tax office the formatting of which was ill advised (see ). The following Monday, S... (>) |
|
|
2011-09-30 12:45 GMT |
| Phishing. Broadly speaking, sending out emails which misdirect people to supply confidential information to miscreants. One such ruse in the UK has been to send out tax rebate emails purporting to come from the UK tax office, .
So on Friday, in a stroke of genius, HMRC... (>) |
|
|
2011-09-05 13:25 GMT |
| On the 2nd September 2011 Spamhaus was successful in its final appeal which reduced a baseless $11.7 million default judgment down to $3 (three dollars). Twice before, the US Court of Appeals for the Seventh Circuit had vacated judgments made by an Illinois District Court which had twice awarded fabricated 'lost profits' to an I... (>) |
|
|
2011-06-10 12:58 GMT |
All too frequently electronic security breaches result from some form of social engineering trick which entices a user to visit a harmful website by providing a clickable link (URL) with a specially-registered domain which ultimately leads to the user being defrauded or their machine being infected with malware.
Once in... (>) |
|
|
2011-06-06 14:00 GMT |
| The Spamhaus Project has released a document outlining Spamhaus' strategy with respect to Spamhaus' IP blocklists and their future in an IPv6 enabled world. Entitled "Spamhaus IPv6 Blocklists Strategy Statement", the document focuses exclusively on IPv6 DNS-based blocklists and gives technical details of how Spamhaus plans to im... (>) |
|
|
2011-03-03 09:51 GMT |
| 5 March 2011: One year ago this week, The Spamhaus Project released a new spam-blocking advisory list for the world's internet users. Its focus was on the domain side of email filtering. Called the Domain Block List, the DBL has now been in worldwide use for a full year. T... (>) |
|
|
2010-12-14 17:00 GMT |
| On Monday Spamhaus became aware that the main Wikileaks website, wikileaks.org, was redirecting web traffic to a 3rd party mirror site, mirror.wikileaks.info. This new web site is hosted in a very dangerous "neighborhood", Webalta's 92.241.160.0/19 IP address space, a "blackhat" network which Spamhaus believes caters primarily t... (>) |
|
|
2010-11-29 18:20 GMT |
Spamhaus.org has been a frequent target of forged e-mails over the years and once again we're seeing a rise in those sorts of spam messages. This time email messages pretending to come from Spamhaus are a social engineering attempt ("phish") to lure victims into installing malware on their computers. Don't fall for it!
(>) |
|
|
2010-10-18 15:00 GMT |
| When it became clear that the UK's National Security Strategy (published today) would highlight "Cybersecurity" as one of the most serious threats to the United Kingdom's security, the media were most querulous. Even some of the more experienced journalists seemed to pour immediate scorn on the suggestion that computer-based cri... (>) |
|
|
2010-09-26 16:00 GMT |
| The Spamhaus Project has released a whitelist called the Spamhaus Whitelist. Long awaited in the industry, the Spamhaus Whitelist allows internet mail servers to separate incoming email traffic into 3 categories: Good, Bad and Unknown, allowing mail server operators to block known bad email traffic, let known good email traffic ... (>) |
|
|
2010-08-20 15:16 GMT |
| "Spamhaus Blocks Gmail" - A catchy headline which certainly got the twitterati going. However, it wasn't true.
Recently some IT websites, including Softpedia and Sucuri, erroneously issued reports of Spamhaus' SBL blocking Gmail. These reports are not true. Google's Gmail service has never been listed in, or affected by, any ... (>) |
|
|
2010-03-04 05:39 GMT |
| Leaving a wake of over 12 years of criminal spamming and trillions of sent junk emails behind him, long time ROKSO-listed spammer Alan Ralsky is finally behind the walls of a US Federal Prison.
After pleading guilty to multiple federal criminal charges, and after time extensions to "get his affairs in order", Ralsky reported ... (>) |
|
|
2010-03-01 09:04 GMT |
| 1 March 2010: The Spamhaus Project is proud to release its newest spam-blocking advisory list to the world's internet users, this time focused on the domain side of email filtering. Called simply the Domain Block List, the DBL has been in beta testing for much of 2009 on pro... (>) |
|
|
2010-02-03 18:01 GMT |
| The idea of "opt in" is central to the legitimate, non-spam use of bulk e-mail. Without "opt in" policies, any and all e-mail addresses will be spammed relentlessly until they "opt out", and likely even after that. "Opt in" means that the recipient--the e-mail address owner--knowingly and intentionally subscribes to a specific l... (>) |
|
|
2010-01-15 07:27 GMT |
| Unfortunatly for Renukanth Subramaniam, the "loner with a modest lifestyle" who helped run the secretive website where cybercriminals traded stolen credit card data, his friends will probably be fellow inmates in a Her Majesty's Prison Service institution.
Subramaniam was remanded into custody in London after earlier plead... (>) |
|
|
2009-12-17 14:51 GMT |
| China Internet Network Information Center (CNNIC) - China's own domain regulator - last week criticised Xinnet.com and some other Chinese registrars for the excessive inaccuracy in registration information (called "Whois" data).
From this week, buyers of ".cn" Country Code Top Level Domains (ccTLDs) are required to provide pa... (>) |
|
|
2009-12-07 12:10 GMT |
| In October, Comcast Corporation, the USA's largest provider of high-speed Internet to private homes, announced the roll-out of its new Constant Guard security initiative. The system will provide in-browser notifications about possible virus infections. If the system detects a possible problem, a "service notice" will appear in... (>) |
|
|
2009-12-03 09:13 GMT |
| On the two-month anniversary of our announcement of the Spamhaus CSS, we thought it's time to take a look at its effect against this type of spamming. As we had mentioned, while filtering methods for botnet spam are now quite effective, a new breed of static-IP address spammers had evolved, and their spam was evading many filte... (>) |
|
|
2009-11-30 18:53 GMT |
The Herbalking aftermath continues with a US federal judge ordering ringleader Lance Atkinson to pay the US Federal Trade Commission (FTC) a hefty US$15.5 million (£9.4 million). After already admitting his involvement to the New Zealand authorities last year now the FTC steps in with its findings:
The spam g... (>) |
|
|
2009-11-20 10:00 GMT |
| Two New Zealanders well known to Spamhaus have been fined for their roles in the biggest pharmaceutical spamming operation in the history of the internet, officials of the nation's Department of Internal Affairs (DIA) said on Monday.
They were part of a business based in Christchurch that sent more than two million unsolic... (>) |
|
|
2009-10-03 05:22 GMT |
While filtering methods for botnet spam are now quite effective, a new breed of static-IP address spammers has evolved, and their spam evades many filters. It is time to target the next great spam problem, "snowshoe" spam.
The Problem of Snows... (>) |
|
|
2009-06-16 21:41 GMT |
There is nothing like a visual representation to show how botnet spam traffic dries up when a major eastern European run host (in this case, USA routed) of the botnet Command & Control systems (C&C) is shut down. Below is a report from the CBL botnet spam detection system on the effect of a recent shut down.
These graphs... (>) |
|
|
2009-05-30 00:45 GMT |
| During the last week of May, 2009, some senders experienced mail rejected by yahoo.com which referenced Spamhaus PBL data. But when they looked up their IP address, it was not in any Spamhaus list. The error was not consistent, and sometimes resubmitting a message might result in its delivery. Yahoo! is aware of the problem and ... (>) |
|
|
2009-05-19 17:51 GMT |
| Last month we mentioned upcoming changes to ISP's PBL Account pages. We're pleased to announce that the first phase of those improvements is now up and running. While not visible to the public, an ISP logging in to their PBL Account will immediately see the upgrades.
The new ISP PBL Account pages:
|
|
|
2009-04-13 07:45 GMT |
| We'd like to show you what some typical broadband space looks like in terms of spam-sending bots and Policy Block List (PBL) listings. Let's sample a few chunks of IPv4 space, count the spam bots, and map them graphically to visualize what those ranges look like. These are just examples, conveniently chosen based on our experien... (>) |
|
|
2009-02-25 00:29 GMT |
| Snowshoe spamming has been around for many years but during 2008 a few USA spammers honed the technique to a fine edge. It has grown rapidly for the past year and there is no indication that it will cease in the foreseeable future. As of February 2009, snowshoe spamming acc... (>) |
|
|
2008-11-17 05:32 GMT |
| Following the October 2008 shut down of the largest US based host of trojan malware, botnet command and control systems (C&Cs) and DNS changer hosts (pharming), Intercage/Atrivo, another US based network specializing in hosting similar cybercrime has been taken off the Internet.
McColo is a bit different from (>) |
|
|
2008-10-15 20:13 GMT |
| A person well known to Spamhaus, Judy Devenow, one of long time spamming kingpin and convicted felon Alan Ralsky's gang, plead guilty to conspiracy and aiding fraud in a US Federal court. She admitted she had sent millions of spam e-mails a day to generate excitement about junk stocks while working for Ralsky who (>) |
|
|
2008-10-14 18:30 GMT |
| The #1 worst spam gang on the Internet for much of 2007 and 2008, and active since at least 2005, has been indicted by the US Federal Trade Commission (FTC) in conjunction with simultaneous charges in New Zealand and possibly Australia & India. Several co-conspirators formed the (>) |
|
|
2008-09-16 07:00 GMT |
| Or "Frea Speach," as spammers write with their notoriously bad spelling while yammering about their right to send spam. There is no right to send spam, of course, let alone anonymously. Almost a decade ago, in their decisions in AOL vs. Cyberpromo and Earthlink vs. Cyberpromo, U.S. courts of appeal ruled that spam is theft of se... (>) |
|
|
2008-08-29 10:02 GMT |
| When cybercrime is mentioned it never takes long for Russia and the Ukraine to enter the picture. However, while a lot of cybercriminals are based in those countries, a lot of their infrastructure is housed in the west, in the United States to be precise.
Without exception, all of the major security organizations on the ... (>) |
|
|
2008-08-11 22:01 GMT |
| Closed Loop Confirmed Opt In is the full technical term for the best opt-in subscription practice around. But whether you call it Confirmed, Verified, Double or any other adjective it still means the same thing: "Hey you! Subscriber! Is this really you who signed up for this list? Unless you respond, we won't send you more mail.... (>) |
|
|
2008-07-25 23:19 GMT |
| There is lots of spam going around with funny subjects like "Mike Tyson to Fight Michael Jackson" or "Afghanistan to be 51st US State", or other equally absurd lines designed to hook unwary recipients into clicking the URL in the spam. Unfortunately, the results of following that link are not at all funny. The victim's computer ... (>) |
|
|
2008-06-27 13:55 GMT |
| A lot of people are using our SBL and XBL lists to guard their mail infrastructure against the incoming floods of spam. While we encourage all SBL-XBL users to switch to ZEN to check the connecting IP, the SBL-XBL combination still has a very powerful, but lesser-known application area: use it against spamvertized URLs in the me... (>) |
|
|
2008-03-16 21:52 GMT |
| There's been a lot of use of the term "ecosystem" in the e-mail industry lately. It's a good description of the complex environment that has grown up around Simple Mail Transport Protocol; it's no longer simple. But, like any ecosystem, it has many subsystems and niches within it. Among spammers in general, the (>) |
|
