November 01, 2005
Is it a bug or isn't it?
A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned. But some in the industry dispute that it's a security bug.
By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through, security researcher Andrey Bayora wrote in an advisory last week. The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora refers to that extra data as the "Magic Byte."
"This is one of the most significant antivirus vulnerabilities of recent times, as it affects the majority of scanner software," Bayora wrote in an article on his Web site that details the issue.
October 27, 2005
The newly discovered Samy worm is one of the first to exploit a cross-site scripting vulnerability, a technique security experts fear could be used to open a new front in attacks.
Samy is a self-propagating worm that appears to have been written by a member of MySpace.com, a community site dedicated to helping friends stay in touch and share pictures. By exploiting vulnerabilities in the MySpace.com site, the worm added a million users to the author's "friends" list.
Although the worm is no threat to other Web sites, security
experts say the new self-propagating cross-site scripting (XSS) worm
will likely be copied by other writers of malicious software.
Continue reading at ZDnet.com
October 14, 2005
Minnetonka, MN, October 14, 2005 -- http://www.securence.com - Securence, Inc., a leading provider of anti spam, anti virus software and Internet filtering services that include email protection and security services for small businesses, enterprises, and educational and government institutions worldwide, targets the spam bull’s-eye and aims to bring it under control.
Findings from a report produced
by Nucleus Research, a global research firm that recently conducted
in-depth interviews with employees at 82 Fortune 500 companies,
identified two startling results:
1. Spam is definitely on the rise. The average employee received nearly 7,500 spam messages in 2004, up from 3,500 in 2003.
2. Employee productivity continues to be hurt. Average lost productivity per employee was 3.1% in 2004, up from 1.4% in 2003.
It's not surprising that spam continues to present serious security and resource risks to an organization's infrastructure: overloading systems, clogging mailboxes, defrauding recipients, reducing employee productivity and draining morale. It also increases the frequency, severity and cost of virus attacks and related threats, such as the damage to an employer's reputation from inadvertently sending spam or viruses. As a result, companies are faced with the ever-increasing challenge of not only reconciling inherent problems caused by spam, but also protecting themselves from on-going attacks. With such a foreboding technological landscape, at times even the most tech savvy IT administrators are hard-pressed for what to do.
The question arises, how do companies keep spammers in their sights? Enter Securence, a company with a unique Internet filtering and anti spam solution that helps protect companies and their employees by scanning email and eliminating threats, such as viruses, worms, malicious content and attachments, and other junk mail before reaching the end user.
In today's email world, all mail is born either legitimate or illicit. From here, the delivery process is rather straightforward. The originating mail server delivers email to the destination mail server via SMTP, with both servers having an IP address. Simply put, think of two phone numbers trying to connect.
In the case of a company using Securence's email filtering solution, SecurenceMail, when an email is sent to its mail server, the email is initially redirected to Securence through its MX record, which is short for mail exchange record, an entry in a domain name database that identifies the mail server responsible for handling emails for that domain name. (The MX record points to an array of servers that run in Securence's data centers in Minneapolis and Milwaukee.) Before an email can be accepted by Securence's system and delivered to the recipient, a series of steps must occur to ensure "clean" delivery. This cleansing process is also known as "filtering."
"What we're basically doing," says Travis Carter, VP of Technology at Securence, "is looking for Internet rodents."
SecurenceMail provides total protection against spam and viruses at the gateway. It typically blocks over 98% of spam and allows businesses to create and enforce custom email policies to further reduce the threat of unwanted email entering or leaving an organization. SecurenceMail is complemented by round-the-clock virus protection through Norman AntiVirus and Clam AntiVirus. This integrated multi-layer technology is fully scalable with flexible administrative management tools. By providing consolidated protection against the convergence of spam and virus threats, Securence offers organizations significant business and operational efficiencies, and lowers the total cost of ownership of anti spam and anti virus security.
Securence is a leading provider of anti spam software, and Internet filtering services that include email protection and security services for small business, enterprises, educational, and government institutions worldwide. The Company’s unique solutions help protect companies and their employees by scanning email and eliminating threats, such as viruses, worms, malicious content and attachments, and other junk mail before reaching the end user. Securence provides real-time protection from the latest email threats through the use of cutting-edge filtering technology and 24/7 monitoring – all backed by world-class customer service. Securence can be implemented immediately and requires no integration, migration, or upfront costs. Based in Minneapolis, Securence is a wholly owned subsidiary of US Internet Corp., a premier, full-service application service provider.
October 06, 2005
A new variant of the e-mail worm is masquerading as an old class photo sent by a schoolmate:
"A new variant of the Sober e-mail worm has started spreading as an attachment that claims to be an old class photo sent by a schoolmate. But if recipients open the file, they don't see a picture of themselves in braces. Instead, a worm tries to steal their information and then mail itself to others. "
From CNet NEWS.com
For full anti virus protection, contact Securence 1.866.200.9013
October 04, 2005
ComputerWeekly reports that the major search engines including Google, Yahoo and MSN are being spoofed by adware called Premium search. Once the adware is installed, users visiting those search engines are actually viewing spoofs. Full story at ComputerWeekly.
For protection from adware and spyware, contact Securence anti spam 1.866.200.9013.
October 03, 2005
I'm sure it was a long and hard battle but an Oklahoma man wins a legal fight with a spammer.
"On Thursday the 22nd, Robert Braver, an Oklahoma ISP owner who is a long time activist against both spam and junk faxes, received a default judgment of over $10 million against high profile spammer Robert Soloway and his company Newport Internet Marketing. Soloway has frequently been cited as one of the ten largest spammers in the world."
Read more over at Circleid.com
September 26, 2005
According to a report by Bigfoot Interactive, email marketers who don't adjust for changes many broadband ISPs are making regarding limits on simultaneous SMTP connections and volume rates are in for some serious deliverability problems Providers, such as BellSouth, Comcast, and RoadRunner are implementing the procedures to cut down on bulk spam.
September 19, 2005
What a target Google is. A new work is now posing as Google. When infected, users visiting Google are actually looking at a fake Google site.
From InfoWorld: A new worm has been discovered that apes Google's search site and tunes the results to benefit hackers, not Web surfers. The P2Load.A virus modifies the HOSTS file on a PC so that when
users try to access Google, they are redirected to a page that looks
exactly the same as Google, but is not controlled by the company.
Instead, the exact copy of Google even supports the 17 languages that
Google does and redirects typos such as www.googel.com or
www.gogle.com, in such a fashion that users are not aware of the
change, according to security firm PandaLabs. Once users inadvertently download P2Load.A, the next time they go to
Google, the spoofed page comes up. Some of the search results are
selectively changed, and the fake ads are swapped in place of Google's
A new worm has been discovered that apes Google's search site and tunes the results to benefit hackers, not Web surfers.
The P2Load.A virus modifies the HOSTS file on a PC so that when users try to access Google, they are redirected to a page that looks exactly the same as Google, but is not controlled by the company. Instead, the exact copy of Google even supports the 17 languages that Google does and redirects typos such as www.googel.com or www.gogle.com, in such a fashion that users are not aware of the change, according to security firm PandaLabs.
Once users inadvertently download P2Load.A, the next time they go to Google, the spoofed page comes up. Some of the search results are selectively changed, and the fake ads are swapped in place of Google's AdWords.Protect yourself with Securence anti spam and anti virus software.
September 08, 2005
Yahoo is really catching a lot of negative press as a result of comments made by Spamhaus regarding the hosting of 5000 domain names that are used for phishing.
"According to the Richard Cox, chief information officer of U.K.-based Spamhaus, Yahoo! has nearly 5,000 domains hosted and registered with the words “bank,” “eBay,” and “PayPal” within the domain name. “I just took three hot words, but there are dozens of others including misspellings. They are mostly phishing Websites, which shows that the situation is out of control," Cox told an audience at the eConfidence--Spams and Scams conference in London earlier this week, according to press reports."
For more information regarding anti spam and anti virus solutions, contact Securence at 1.866.200.9013
September 06, 2005
It's amazing people still fall for email spam and phishing techniques. Here's an account of an unlucky record producer in CA that fell for the old Nigerian money transfer scam:
Hard as it is to believe for long-time Internet denizens, online scammers and spammers are still reaping rewards from the community at large.
Last week's bizarre tale of a Los Angeles record producer claiming he was being chased by Nigerian scam artists is a high-profile example of the pervasiveness of the activities still evident today.
According to a report by the L.A. Times Sunday, Christian Irwin was found after a five-day search initially prompted by the producer's disappearance and a frantic phone call he made to friends.
According to the report, friends and family said Irwin had become involved in an Internet scam that paid him to transfer money from Nigeria to the U.S.
He panicked when the scam artists demanded repayment of $50,000, the report continued, and phoned a friend to say he thought he was being chased by Nigerian scam artists. He was found Sunday alive in a stream near his house.
The Nigerian e-mail fraud scheme is one of the oldest tricks in the Internet scam book, earning its own advisory Web page on the U.S. Secret Service's site. Also called an advance fee fraud or 419 scheme, after the Nigerian penal code for fraud, the Secret Service believes the Nigerian e-mail scam has bilked hundreds of millions of dollars annually from users.
Here's how it works. Link to full story at EnterpriseITPlanet.com