<![CDATA[[SecurityRatty] tag: domainkeys]]>

<![CDATA[[SecurityRatty] tag: domainkeys]]> http://securityratty.com/tag/domainkeys Sun, 10 Feb 2008 21:00:00 +0000 iRatty Engine http://blogs.law.harvard.edu/tech/rss <![CDATA[Microsofts CAPTCHA Under Spammers Attack Again]]> http://securityratty.com/article/393185090e444ba30508b07635eda9d3 http://securityratty.com/article/393185090e444ba30508b07635eda9d3 Wed, 01 Oct 2008 18:36:06 +0000 microsofts captcha live hotmail accounts server reputation spammers spam emails malware authors websense success assessment Microsofts CAPTCHA Under Spammers Attack Again <![CDATA[Hijacking a Spam Campaign's Click-through Rate]]> http://securityratty.com/article/358230080f61bb4bcad67ebc2f133eb5 http://securityratty.com/article/358230080f61bb4bcad67ebc2f133eb5

This spammer is DomainKeys verified, a natural observation considering that the spam compaign which I discussed last Wednesday is using bogus Yahoo Mail accounts, and is spamming only Yahoo Mail users through a segmented emails database.

Not necessarily what I wanted to achieve, but once posting the spam campaigns SEO URLs, Yahoo's crawler's picked up the post pretty fast, and have ruined the SEO effect, with everyone clicking on the campaign's links reaching the post. Close to 15,000 unique visitors reached the article during the past 7 days since the now hijacked, spammer's link is no longer achieving the effect it used to.

What does this prove? It proves that users tend to trust emails that pass through spam filters so much that they actually click on the links. And whereas it's a spam campaign, and not a malware campaign, the next time they over trust such a email, they'll expose themselves to client-side vulnerabilities coursesy of a copycat web malware exploitation kit.

The latest search query the campaign is using :
- yahoo.com/search/search;_ylt=?p=...........................................stossregularnew............$0.00.........

leads to stossregularnew.com (61.255.135.185).

]]> Fri, 26 Sep 2008 06:07:16 +0000 campaign spam campaign malware campaign users yahoo mail users yahoo post post pretty fast trust emails Hijacking a Spam Campaign's Click-through Rate <![CDATA[Summarizing Zero Day's Posts for July]]> http://securityratty.com/article/8dcef74e51c669037abd743dd3beb89d http://securityratty.com/article/8dcef74e51c669037abd743dd3beb89d

Different audience provokes different approach for communicating a particular event. In case you aren't reading ZDNet's Zero Day, where I blog next to Ryan Naraine and Nathan McFeters - join us.

Also, consider subscribing yourself to my personal RSS feed, or Zero Day's main feed in order to read all the posts. Here's a quick summary of my posts for last month :

01. Blizzard introducing two-factor authentication for WoW gamers
02. Sony PlayStation's site SQL injected, redirecting to rogue security software
03. 300 Lithuanian sites hacked by Russian hackers
04. Antivirus vendor introducing virtual keyboard for secure Ebanking
05. Gmail, Yahoo and Hotmail's CAPTCHA broken by spammers
06. Storm Worm's Independence Day campaign
07. Approximately 800 vulnerabilities discovered in antivirus products
08. $1 Million prize offered for cracking an encryption algorithm
09. U.K's most spammed person receives 44,000 spam emails daily
10. Storm Worm says the U.S have invaded Iran
11. Gmail, PayPal and Ebay embrace DomainKeys to fight phishing emails
12. Verizon, Telecom Italia, and Brasil Telecom top the botnet charts in Q2 of 2008
13. XSS worm at Justin.tv infects 2,525 profiles
14. Remote code execution through Intel CPU bugs
15. Ringleader of cybercrime group to be offered a job as cybercrime fighter
16. Spam coming from free email providers increasing
17. Kaspersky's Malaysian site hacked by Turkish hacker
18. Georgia President's web site under DDoS attack from Russian hackers
19. 75% of online banking sites found vulnerable to security design flaws
20. McAfee debunks recent vulnerabilities in AV software research, n.runs restates its position
21. Click fraud in 2nd quarter of 2008 more sophisticated, botnets to blame
22. How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability
23. DNS cache poisoning attacks exploited in the wild
24. The Neosploit cybercrime group abandons its web malware exploitation kit
25. OS fingerprinting Apple's iPhone 2.0 software - a "trivial joke"
26. HD Moore pwned with his own DNS exploit, vulnerable AT&T DNS servers to blame

]]> Fri, 08 Aug 2008 10:35:52 +0000 day software rogue security software spam emails daily cybercrime cybercrime fighter independence day campaign emails posts Summarizing Zero Day's Posts for July <![CDATA[The Unbreakable CAPTCHA]]> http://securityratty.com/article/cf831127130ad30863bfa7ff5a541746 http://securityratty.com/article/cf831127130ad30863bfa7ff5a541746

In response to the continuing evidence of how spammers are efficiently breaking the CAPTCHAs of popular free email service providers in order to abuse their clean IP reputation, and already validated authenticity through the use of DomainKeys and SenderID frameworks, someone has finally came up with an unbreakable CAPTCHA.

If it only weren't a hoax, it would have even solved the human CAPTCHA solvers problem, whose sessions would have probably expired due to their inability to solve it.

Related posts:
Vladuz's Ebay CAPTCHA Populator
Spammers and Phishers Breaking CAPTCHAs
DIY CAPTCHA Breaking Service
Which CAPTCHA Do You Want to Decode Today?

]]> Thu, 17 Jul 2008 13:05:54 +0000 captcha ebay captcha populator human captcha solvers unbreakable captcha diy captcha spammers captchas senderid frameworks solve The Unbreakable CAPTCHA <![CDATA[Deploying antiphishing technology DKIM in 3 simple steps]]> http://securityratty.com/article/1110efc50ed5b3f76619c20700c456da http://securityratty.com/article/1110efc50ed5b3f76619c20700c456da Sun, 10 Feb 2008 21:00:00 +0000 steps dkim standard deploy experts domainkeys mail company Deploying antiphishing technology DKIM in 3 simple steps <![CDATA[Will Yahoo block messages that aren't signed? ]]> http://securityratty.com/article/4a1a4f29cd08053b19af0b7cf325480d http://securityratty.com/article/4a1a4f29cd08053b19af0b7cf325480d Sun, 10 Feb 2008 21:00:00 +0000 domainkeys internet mail yahoo executive dkim Will Yahoo block messages that aren't signed?