Tag: email
-
New email header attempts to prevent damage of reissued email addresses
Transactional emails not delivered if the account’s owner has changed in the meantime. When in June, Yahoo announced it would free up inactive user IDs, it received fierce criticism from the security community. The concern was that many of these user IDs are tied to email addresses that, though dormant, may still be registered as…
-
Is publishing your employees’ email addresses such a big deal?
Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for ‘leaking data that can be used by cyber attackers’, while making the same mistake themselves. KPMG found that every single company in the FTSE 350 index (the 350…
-
Compromised Yahoo! accounts continue to spread Android malware
Problem likely to be on Yahoo!’s side. In recent weeks, we have noticed an uptick in the amount of spam sent from compromised Yahoo! accounts; we have reasons to believe the problems are on Yahoo! ‘s side, rather than that of its users’. Spam sent from compromised accounts is notoriously hard to filter: the sender…
-
Vulnerabilities could trigger payload in emails upon receiving or opening
Flaws in IBM Notes and Exim/Dovecot easy to mitigate. Two recently discovered vulnerabilities in mail processing software could give an attacker access to a targeted system without the need for any links to be clicked or attachments to be opened. When email security experts talk about “malicious emails”, they usually mean emails with malware attached,…
-
Different focus on spam needed
What happens before the filter doesn’t matter too much. It is surprisingly difficult to get accurate figures for the amount of spam that is sent globally, yet everyone agrees that the global volume of spam has come down a lot since its peak in late 2008. At the same time, despite some recent small decreases…
-
Weak cryptography keys allow others to add valid DKIM signatures to fake emails
512-bit key cracked within 72 hours. A Florida-based mathematician has caused a stir in the email community by adding a valid DKIM signature for google.com to an email after cracking the company’s private signing-key. When the first SMTP standard was published just over three decades ago, email spam barely existed. The email landscape has changed…
-
Cybercriminals offering service flooding email, phone and SMS
DDoS-type attack could seriously disrupt business. A new service is being offered on underground forums where between 25,000 and 100,000 emails are being sent to an email account within a short period of time, security blogger Brian Krebs reports. The emails, which effectively perform a DDoS attack on the email account, could be seriously disruptive…
-
New RFC describes best practices for running DNS-based lists
DNSBL users advised to avoid those lists that charge for delisting. A new RFC document has been published that describes the best operational practices for the use of DNS-based lists in email filters. DNS-based lists (somewhat confusingly called ‘DNSBLs’ in the document) include blacklists and whitelists of IP addresses, but also URIBLs and geographical-based lists.…
-
New RFC grants DKIM improved status
Email signing method now ‘Draft Standard’. The Internet Engineering Task Force (IETF) has published a new RFC describing the DKIM protocol which sees its status advance from ‘Proposed Standard’ to ‘Draft Standard’. DKIM (‘DomainKeys Identified Email’) allows mail transfer agents (MTAs) to sign email messages that pass through them and also to verify a signature…
-
Windows Help Files used in targeted attacks
Files with code-executing properties attached to emails. Researchers at Symantec have discovered Windows Help Files being used in targeted attacks. Such help files, which use the .hlp extension, are used by Windows Help , a program that allows users to find help for programs running on the popular operating system. Because the files can call…