Mindblown: a blog about philosophy.

Four spam companies hit by CAN-SPAM rulings. The US Federal Trade Commission (FTC) stepped its anti-spam operations up a gear last week, shutting down four separate organisations for violating the CAN-SPAM Act. The four sets of spammers pushed dating, pornography, mortgages, drugs and phishing scams, and were closed on various grounds, including breaching requirements to…

Researcher lists security issues with document format. A researcher analysing the possibility of exploiting vulnerabilities in the Adobe PDF file format has released a lengthy list of ways in which the format can be used to breach security. UK-based penetration tester David Kierznowski claims ‘7 or more points’ are open to hackers wishing to execute…

Fake Gmail site served by Google itself. Web search and service behemoth Google has had its security credibility hit this weekend, after a site was set up on its servers spoofing its own GoogleMail service, and demonstrating how the system could be used to gather personal details. The site was set up via the Google…

US judgement meaningless, says UK anti-spam project. An Illinois court has passed a judgement demanding UK-based spam advisory organisation Spamhaus pay $11.7 million in damages to a spammer it labelled a spammer. Spamhaus has laughed in the face of the charges, insisting that not only is the claimant a spammer, but that the court has…

Two flaws in alert handling unveiled. Two separate vulnerabilites in the alert notification handling systems of Symantec products have been reported this week. Symantec Client Security and Symantec AntiVirus Corporate Edition are affected by the problems. The problems are both format string errors, the first allowing code execution with escalated privileges and the second granting…

Fake research a harvesting trick by spammers. An email widely spammed out in recent days claiming to be part of a research project into email use is in fact a scam designed to gather large numbers of email addresses. The email requests recipients forward all ‘chain letter’ type emails, complete and intact, to an email…

ActiveX flaw opens another hole in MS browser. Yet another bug has been found in Microsoft ‘s browser Internet Explorer , only days after a previous problem was patched for the third time. The issue, in the ActiveX controls, could allow for remote code execution, and could be used to set up drive-by downloads from…

Judgement in EarthLink lawsuit grants heavy payout. US ISP giant EarthLink , a regular champion of the CAN-SPAM Act, has won yet another case against a spammer. The judgement passed this week in an Atlanta court this week grants EarthLink $11 million. The spammers, Nevada-based KSTM , sent out millions of emails pushing mortgage websites,…

Anti-spyware tool attacks rootkit, kills CD drive. An alert has been issued by the Office of the Attorney General of Texas, warning that an anti-spyware product from AOL has a defect which blocks all access to the CD drive while trying to remove the rootkit planted by Sony ‘s XCP copy-protection software . The anti-spyware…

64% of recent phishes targeting global brand. Reports from Panda Software warn of a major phishing campaign targeting users of Barclays online banking, causing a 30% rise in phishes hitting their spam traps. At least 61 separate variants of a spoof email have been seen by spam labs, all of them trying to trick Barclays…