Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Elevated, Perhaps... →

November 16, 2017 by Marc Handelman in DoNotCall.gov, Spam, Telecom

Let us join John Timmer - whilst writing at Ars Technica, as the Good Author hitches his wagon - as it were- onto an elevator and into a telemarketing Hades; and, Weep, my friends,for the practically useless DoNotCall registry, and Telecom Security - or lack thereof, while you're at it.

November 16, 2017 /Marc Handelman
DoNotCall.gov, Spam, Telecom

Chimped

November 28, 2016 by Marc Handelman in All is Information, Infrastructure, Infosec Policy, Information Security, Spam

Last week's MailChimp hack and subsequent malicious emails are still not sufficently explained... I'll wager the RCA (if one was accomplished) points to deeper process issues than meets casual inspection. Perhaps stronger customer guidance on information security matters is in order (if, in fact, the cause was customer exploitation, rather than in-built flaws in the MailChimp infrastructure. In any case, you be the judge.

"A MailChimp spokesperson confirmed that it had reset passwords on the accounts included in the data dump": "Our team has obtained the data from the security researcher. They’ve validated usernames with our user base, and have forced password resets on the affected users. - via the inimitable Graham Cluley at grahamcluley.com**

November 28, 2016 /Marc Handelman
All is Information, Infrastructure, Infosec Policy, Information Security, Spam

Mumblehard, The Pernicious →

May 05, 2015 by Marc Handelman in All is Information, Information Security, OpenStack, OpenSource, Network Security, Malware, Spam, UCE

Swati Khandelwal, writing at The Hacker News, regales us with the tale of Mumblehard, the Linux and BSD Server targeted attack malware that transforms those machines into pernicious spambots.

May 05, 2015 /Marc Handelman
All is Information, Information Security, OpenStack, OpenSource, Network Security, Malware, Spam, UCE

M3AAWG, Dealing with UCE

January 21, 2015 by Marc Handelman in All is Information, Application Security, Information Security, UCE, Spam, Malware
January 21, 2015 /Marc Handelman
All is Information, Application Security, Information Security, UCE, Spam, Malware