Terry Zink on CircleID

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <head> <title>Terry Zink on CircleID</title> <meta name="description" content="Profile page of Terry Zink on CircleID" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="alternate" type="application/rss+xml" title="Feed for Terry Zink" href="https://circleid.com/rss/members/2859" /> <link rel="stylesheet" type="text/css" media="all" href="/css/base.css" /> <link rel="stylesheet" type="text/css" media="all" href="/css/posts.css" /> <link rel="stylesheet" type="text/css" media="all" href="/css/members.css" /> </head> <body>
<div id="headerSub"> <!-- MEMBER HEADER ///////////////////////////////////////////////////// --> <div id="headerProfile"> <!-- Photo or Logo --> <div class='memPhoto'> <a href="https://circleid.com/members/2859"><img src="/images/member_photos/photo_2859.jpg" width="80" border="0" alt="Terry Zink" /></a> </div> <!-- Info --> <div class="memInfo"> <h3>Terry Zink</h3> <p> <strong>Program Manager</strong><br /> Joined on August 20, 2007<br/> Total Post Views: 1,071,974 </p> </div> <div class="clear"></div> </div>
<!-- MEMBER SUB HEADER ///////////////////////////////////////////////////// --> <div id="headerSubProfile" class="showHideBox"> <div id="bio"> <p>Terry Zink is a Program Manager of antispam effectiveness for Microsoft Forefront Online, a service that provides in-the-cloud spam filtering for enterprise</p> <p>He started off as a spam analyst in 2004 which involved the processing of spam and false positive complaints.&nbsp; In April of 2007, he transitioned into the Program Manager position.&nbsp; He is now responsible for delivering features and solutions to end customers which meet the ever-changing demands of the email delivery business.</p> </div> <div id="links" class="pipedLinks"> <ul> <li><a href="http://blogs.msdn.com/tzink/" title="New window will open - http://blogs.msdn.com/tzink/" target="_blank">Blog</a></li> <li><a href="http://www.microsoft.com/exchange/services/default.mspx" title="New window will open - http://www.microsoft.com/exchange/services/default.mspx" target="_blank">Company</a></li> </ul> </div> <p id="cc"> Except where otherwise noted, all postings by Terry Zink on CircleID are licensed under a <a rel="license" href="http://creativecommons.org/licenses/ /2.5/" class="blue">Creative Commons License</a>. </p> </div>
<!-- MEMBER SUB NAV ///////////////////////////////////////////////////// --> <div id="headerSubNav"> <ul> <li id="current"><a href="https://circleid.com/members/2859">Featured Blogs (88)</a></li> <li ><a href="https://circleid.com/members/2859/comments/">Comments (16)</a></li> </ul> <div class="clear"></div> </div> </div>
<!-- MEMBER POSTS ///////////////////////////////////////////////////// --> <div class="container2c"> <div class="colWrapper"> <div class="colA"> <div class="colPad"> <h2>Featured Blogs</h2> <div class="postList" style="padding-bottom:30px;"> <h3 style="padding-top:0;margin-top:0;border:none;"><a href="https://circleid.com/posts/20121027_is_the_term_cyberwarfare_overstating_the_case">Is The Term &#8220;Cyberwarfare&#8221; Overstating the Case?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,</div> <p> At the Virus Bulletin conference last month, Andrew Lee from ESET gave a talk entitled "Cyberwar: Reality or Weapon of Mass Distraction?" In it, Lee talks about how the term "cyberwar" is thrown around a lot these days. 
However, he disagreed with the use of the term because it uses inflationary language and overstates the case; today's "cyberwar" is not the same as a conventional war.&nbsp;<a href="https://circleid.com/posts/20121027_is_the_term_cyberwarfare_overstating_the_case" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 27, 2012</li> <li>Comments: 0</li> <li>Views: 11,447</li> </ul> </div> <h3><a href="https://circleid.com/posts/20121010_the_pros_and_cons_of_byod_bring_your_own_device">The Pros and Cons of BYOD (Bring Your Own Device)</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,</div> <p> At the Virus Bulletin conference this past September in Dallas, Righard Zwienenberg from ESET gave a presentation entitled BYOD. BYOD stands for Bring Your Own Device, but he reframed the acronym to "Bring Your Own Destruction", that is, he alluded to the security implications of bringing your own device. BYOD is the latest trend sweeping business and schools.&nbsp;<a href="https://circleid.com/posts/20121010_the_pros_and_cons_of_byod_bring_your_own_device" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 10, 2012</li> <li>Comments: 0</li> <li>Views: 10,397</li> </ul> </div> <h3><a href="https://circleid.com/posts/20121005_measuring_the_cost_of_cybercrime">Measuring the Cost of Cybercrime</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,</div> <p> Last week at Virus Bulletin in 2012, Tyler Moore of Southern Methodist University (SMU) gave a talk entitled "Measuring the cost of cyber crime." 
It was a study done in collaboration with multiple individuals in multiple countries. The study sought to answer this question - How much does cyber crime cost? Up until this point, nobody really knew.&nbsp;<a href="https://circleid.com/posts/20121005_measuring_the_cost_of_cybercrime" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 05, 2012</li> <li>Comments: 0</li> <li>Views: 10,345</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120919_a_look_at_mail_patterns_from_legitimate_webmail_sources">A Look at Mail Patterns from Legitimate Webmail Sources</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> For many years, I have tracked spam from botnets and reported on it. I have analyzed those botnets' distribution patterns by number of IPs, number of messages per email envelope and geographical distribution. While spam from botnets is interesting, and the main source of spam, it is not the only source of spam. 
What about spam that originates from the MAGY sources?&nbsp;<a href="https://circleid.com/posts/20120919_a_look_at_mail_patterns_from_legitimate_webmail_sources" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Sep 19, 2012</li> <li>Comments: 2</li> <li>Views: 10,401</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120822_why_passwords_never_been_weaker_and_crackers_never_been_stronger">Why Passwords Have Never Been Weaker and Crackers Have Never Been Stronger</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,</div> <p> The past few weeks, I've been on this security kick particularly when it comes to encryption. I'm developing my own app in my spare time. So I'm trying a whole bunch of things, no doubt making plenty of mistakes in the process. Luckily, the data I am protecting is only quasi-valuable so I can afford to take a hit due to my own conscious incompetence. Anyhow, I ran across this article on Ars Technica yesterday entitled "Why Passwords have never been weaker - and crackers have never been stronger." 
It's a long article and it will take you a while to read it, but here is my summary.&nbsp;<a href="https://circleid.com/posts/20120822_why_passwords_never_been_weaker_and_crackers_never_been_stronger" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 22, 2012</li> <li>Comments: 0</li> <li>Views: 9,467</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120725_israeli_officials_dispute_claims_of_stuxnets_us_israel_effort">Israeli Officials Dispute Claims of Stuxnet&#8217;s Joint US/Israel Effort</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran's nuclear power plants, was a joint effort between the United States and Israel. The program began under former president George W. Bush and continued under President Obama. 
Last month, the Washington Post ran an article saying that the US and Israel collaborated in a joint effort to develop Flame and that work included Stuxnet.&nbsp;<a href="https://circleid.com/posts/20120725_israeli_officials_dispute_claims_of_stuxnets_us_israel_effort" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 26, 2012</li> <li>Comments: 0</li> <li>Views: 11,257</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120706_cyber_criminals_infiltrate_even_small_businesses">Cyber Criminals Infiltrate Even Small Businesses</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I read an interesting article in the Wall Street Journal today entitled Cyber Criminals Sniff out Vulnerable Firms. It's a story of a small business owner in New York whose company was broken into by cyber criminals who stole $1.2 million from its bank accounts, although the owner was able to later recover about $800,000 of that. 
The moral of the story is that small businesses feel like they are not a major target for online thefts like these.&nbsp;<a href="https://circleid.com/posts/20120706_cyber_criminals_infiltrate_even_small_businesses" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 08, 2012</li> <li>Comments: 3</li> <li>Views: 10,556</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120627_who_says_you_cant_have_fun_at_the_ietf">Who Says You Can&#8217;t Have Fun at The IETF?</a></h3> <div class="byLine">Related Topics: <a href="/topics/censorship" class="red">Censorship</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/internet_protocol" class="red">Internet Protocol</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/web" class="red">Web</a>,</div> <p> A new IETF draft has been published that specifies a new HTTP status code for legally restricted resources. That is, if the government restricts your access to the web page, return this code (similar to how something not found is a 404). The error code: 451. 
From the Internet Draft, if the user tries to access a page, but access to the page is restricted by the government, display the following...&nbsp;<a href="https://circleid.com/posts/20120627_who_says_you_cant_have_fun_at_the_ietf" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 27, 2012</li> <li>Comments: 0</li> <li>Views: 11,092</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120615_spammers_aid_program">Spammers&#8217; Aid Program</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> A couple of months ago, Microsoft Sweden launched a program called Spammers' Aid. This is a program (created and provided by Microsoft?) that is designed to help spammers reform their ways. The idea is that since spam is continually decreasing in email and spammers are finding it more and more difficult to get their mail delivered into the inbox, why not use the skills they acquired while spamming (sales and marketing, tech skills) and apply it for good? 
This program teaches them how.&nbsp;<a href="https://circleid.com/posts/20120615_spammers_aid_program" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 15, 2012</li> <li>Comments: 1</li> <li>Views: 10,518</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120607_homeland_security_cybercrime_bigger_threat_than_terrorism">According to the Department of Homeland Security, Cybercrime Is a Bigger Threat Than Terrorism</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano's comments that 'cybercrime represents the "greatest threat and actual activity that we have seen aimed at the west and at the United States" in addition to "or other than Al Qaeda and Al Qaeda-related groups."' ..."Napolitano cited a study commissioned by Symantec that put the total worldwide cost of cybercrime at $388 billion -- higher than the global market for heroin, cocaine and marijuana combined."&nbsp;<a href="https://circleid.com/posts/20120607_homeland_security_cybercrime_bigger_threat_than_terrorism" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 07, 2012</li> <li>Comments: 0</li> <li>Views: 9,545</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120429_spam_levels_still_lower_a_year_after_rustock">Spam Levels Still Lower a Year After Rustock</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" 
class="red">Spam</a>,</div> <p> Ars Technica wrote an article recently entitled Spam levels still low a year after Rustock botnet takedown. The article notes in more detail that numerous things have contributed to the decline in spam since then. However, the article misrepresents Rustock's effect on the spam levels. It's completely true that Rustock was the largest botnet and sent the most spam (by total individual spam connections).&nbsp;<a href="https://circleid.com/posts/20120429_spam_levels_still_lower_a_year_after_rustock" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 30, 2012</li> <li>Comments: 0</li> <li>Views: 9,290</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120412_mac_hit_by_another_wave_of_malware_users_in_denial">Mac Hit by Another Wave of Malware&#8230; Users in Denial?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> In case you haven't been watching cyber news recently, last week various security researchers published that Macs were infected by the Flashback Trojan and that the total number of infections worldwide was 600,000. This number was published by a couple of blogs. I debated writing about this topic since we had a previous Mac outbreak last year that initially spiked up, caused Apple to go into denial about the affair before issuing a fix, and then the malware kind of went away. 
Will this follow the same pattern?&nbsp;<a href="https://circleid.com/posts/20120412_mac_hit_by_another_wave_of_malware_users_in_denial" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 12, 2012</li> <li>Comments: 1</li> <li>Views: 10,637</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120330_us_outgunned_in_hacker_war">U.S. Outgunned in Hacker War</a></h3> <div class="byLine">Related Topics: <a href="/topics/cloud_computing" class="red">Cloud Computing</a>,&nbsp; <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The Wall Street Journal has an interview with the outgoing head of the FBI's cyber crime investigation, Shawn Henry. In it, he has a blunt assessment of the US's capabilities when it comes to combatting online crime, especially data theft and hacking... The more I read around the Internet, the clearer it becomes that cyber security is becoming a central focus. 
This has pretty big implications for the cloud.&nbsp;<a href="https://circleid.com/posts/20120330_us_outgunned_in_hacker_war" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 30, 2012</li> <li>Comments: 0</li> <li>Views: 10,732</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120326_microsoft_disrupts_the_zeus_infrastructure">Microsoft Disrupts the Zeus Infrastructure</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say "botnet", I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was). Rather, Zeus is a tool kit that online criminals can buy that lets them create phishing pages, perform fast fluxing, host drive-by downloads in addition to spamming. 
It's more like infrastructure than a botnet, although it does have a large botnet under its control.&nbsp;<a href="https://circleid.com/posts/20120326_microsoft_disrupts_the_zeus_infrastructure" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 26, 2012</li> <li>Comments: 0</li> <li>Views: 11,748</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120307_good_study_by_ucsd_on_economic_realities_of_spam_profit_motives">Good Study by UCSD on Economic Realities of Spam and Profit Motives</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> I recently had a chance to read a report titled, "Show Me the Money: Characterizing Spam-advertised Revenue" produced as a joint effort from the University of California, San Diego (UCSD), International Computer Science Institute, and UC Berkeley by Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker and Stefan Savage. I also had a chance to hear Chris Kanich speak about the topic - Show Me The Money! 
This post contains my notes with some photos taken from that report.&nbsp;<a href="https://circleid.com/posts/20120307_good_study_by_ucsd_on_economic_realities_of_spam_profit_motives" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 07, 2012</li> <li>Comments: 1</li> <li>Views: 10,365</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120305_the_top_3_emerging_threats_on_the_internet">The Top 3 Emerging Threats on the Internet</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/data_center" class="red">Data Center</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Last week at RSA, Bruce Schneier gave a talk on the top 3 emerging threats on the Internet. Whereas we in the security field usually talk about spam, malware and cyber crime, he talked about three meta-trends that all have the potential to be more dangerous than the cybercriminals. 
Here are my notes.&nbsp;<a href="https://circleid.com/posts/20120305_the_top_3_emerging_threats_on_the_internet" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 06, 2012</li> <li>Comments: 1</li> <li>Views: 13,813</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120221_misconceptions_about_spam">Misconceptions About Spam</a></h3> <div class="byLine">Related Topics: <a href="/topics/ipv6-transition" class="red">IPv6 Transition</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Sometimes I hear people or read writers that say things about spam that are incorrect. I thought I would clear those up in this blog post... When the holidays roll around, people start warning other people to watch their inboxes - December is spam season! By that, they mean that more spam than normal flows around the Internet. People say this because December is the holiday season. Since spam is another form of advertising, and advertisers pepper us with ads during this time, then spammers must do the same. It makes sense except it's not true.&nbsp;<a href="https://circleid.com/posts/20120221_misconceptions_about_spam" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 21, 2012</li> <li>Comments: 0</li> <li>Views: 9,204</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120215_anonymous_plans_to_go_after_dns_root_servers">Anonymous Plans to Go After DNS Root Servers. 
What Will Be the US&#8217;s Response?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/dns" class="red">DNS</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The other day on pastebin, snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet's root name servers... Going after the Internet's root servers is a very bold move by Anonymous. Whereas before they were "merely" breaking into companies that they believed were acting contra to the hacker ethic, going after the Internet infrastructure is another thing altogether. Why?&nbsp;<a href="https://circleid.com/posts/20120215_anonymous_plans_to_go_after_dns_root_servers" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 15, 2012</li> <li>Comments: 7</li> <li>Views: 25,798</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120213_how_frequently_do_botnets_reuse_ip_addresses">How Frequently Do Botnets Reuse IP Addresses?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. 
Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look.&nbsp;<a href="https://circleid.com/posts/20120213_how_frequently_do_botnets_reuse_ip_addresses" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 13, 2012</li> <li>Comments: 2</li> <li>Views: 10,189</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120131_dmarc_new_email_authentication_protocol">DMARC: New Email Authentication Protocol</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> A consortium of companies including Google, Microsoft, Facebook and Paypal have announced that they were collaborating and coming up with a new protocol known as DMARC -- the Domain-based Message Authentication, Reporting and Conformance. What is DMARC?&nbsp;<a href="https://circleid.com/posts/20120131_dmarc_new_email_authentication_protocol" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jan 31, 2012</li> <li>Comments: 0</li> <li>Views: 11,810</li> </ul> </div> <h3><a href="https://circleid.com/posts/20120107_ibm_predicts_the_future_for_2016_and_it_includes_no_spam">IBM Predicts the Future for 2016 and It Includes No Spam</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> IBM published a video where it predicts what the world will look like in 2016 (see bottom of this post for the link). It includes the following five predictions. I want to start with the last one -- that junk mail (i.e., spam) will disappear. 
You'll need to watch the video to get the nuances of the prediction, but IBM says that in five years, Junk Mail will become a thing of the past.&nbsp;<a href="https://circleid.com/posts/20120107_ibm_predicts_the_future_for_2016_and_it_includes_no_spam" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jan 08, 2012</li> <li>Comments: 1</li> <li>Views: 12,992</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111230_antispam_law_draws_backlash">Antispam Law Draws Backlash</a></h3> <div class="byLine">Related Topics: <a href="/topics/law" class="red">Law</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> I was reading in the Canadian Lawyer Mag that businesses in Canada are now coming to grips with the Canadian Antispam law that was passed last year. Canada's antispam law is much tougher than most jurisdictions. Aside from the penalties of the law, which are steep, what differentiates it the most from the US law is that Canada's law is an opt-in law; marketers who send commercial email must be able to demonstrate that they received consent in writing in order to market to people. 
As expected, people who are most affected by the law - marketers - are upset about the lack of wriggle room and how it could affect their business.&nbsp;<a href="https://circleid.com/posts/20111230_antispam_law_draws_backlash" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Dec 30, 2011</li> <li>Comments: 2</li> <li>Views: 11,002</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111123_brazil_the_newest_up_and_comer">Brazil: The Newest Up and Comer</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/law" class="red">Law</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The Virus Bulletin Conference last month had some good presentations, including this one by Fabio Assolini of Kaspersky. He spoke about how Brazil is the newest up-and-comer on the cyber crime block. The tale begins with the story of Igor and Emily, two cyber criminals operating out of Brazil. 
Together, the two of them stole $300,000 US from a single Brazilian bank in one year.&nbsp;<a href="https://circleid.com/posts/20111123_brazil_the_newest_up_and_comer" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 24, 2011</li> <li>Comments: 1</li> <li>Views: 12,319</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111116_what_chinese_ddos_malware_looks_like">What Chinese DDoS Malware Looks Like</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/ddos_attack" class="red">DDoS Attack</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/net_neutrality" class="red">Net Neutrality</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> While at that same Virus Bulletin conference that I was talking about earlier in my other post, I also had the chance to check out a session on Chinese DDoS malware put on by some folks from Arbor Networks. As little insight as I have into Android malware, I know even less about Chinese DDoS malware. So what's Chinese DDoS malware like? 
What are its characteristics?&nbsp;<a href="https://circleid.com/posts/20111116_what_chinese_ddos_malware_looks_like" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 16, 2011</li> <li>Comments: 0</li> <li>Views: 10,356</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111114_what_mobile_malware_looks_like">What Mobile Malware Looks Like</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/mobile_internet" class="red">Mobile Internet</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Last month at the Virus Bulletin Conference in Barcelona, I took in one of the sessions on mobile malware. This type of malware is foreign to me because I mostly stay in the email space at work (and even then, I am focusing more on day-to-day issues of running a large mail provider than I am on spam and abuse). What's mobile malware like? What are the threats? 
How do users get infected?&nbsp;<a href="https://circleid.com/posts/20111114_what_mobile_malware_looks_like" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 14, 2011</li> <li>Comments: 0</li> <li>Views: 10,543</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111020_oil_and_gas_cyber_security_forum">Oil and Gas Cyber Security Forum</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A reader recently brought to my attention an upcoming conference in London in the UK -- The Oil and Gas Cyber Security Forum. Here's a little blurb: "Despite investments into state of the art technology, a majority of the oil and gas industry remain blissfully unaware of the vulnerabilities, threats and capability of a malicious cyber attack on control systems..." 
I bring this up because it is relevant to the trends in cyber security that we see this year - that of the Advanced Persistent Threat.&nbsp;<a href="https://circleid.com/posts/20111020_oil_and_gas_cyber_security_forum" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 20, 2011</li> <li>Comments: 0</li> <li>Views: 10,882</li> </ul> </div> <h3><a href="https://circleid.com/posts/20111018_sec_asks_companies_to_disclose_cyberattacks">SEC Asks Companies to Disclose Cyberattacks</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I came across an interesting article on Reuters today: "U.S. securities regulators formally asked public companies for the first time to disclose cyber attacks against them, following a rash of high-profile Internet crimes..." This is a pretty big step for the SEC. Requiring companies to disclose when they have been hacked shifts the action on corporations from something voluntary to something that they have to do. 
The question is do we want to hear about everything?&nbsp;<a href="https://circleid.com/posts/20111018_sec_asks_companies_to_disclose_cyberattacks" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 18, 2011</li> <li>Comments: 0</li> <li>Views: 8,628</li> </ul> </div> <h3><a href="https://circleid.com/posts/what_is_email_appending_and_why_is_it_bad">What Is Email Appending and Why Is It Bad?</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> MAAWG recently released a document on email appending, criticizing the practice and describing it as abusive. But what is email appending? ... This definition is alright but I didn't find it as helpful as it could be. I looked it up on some other sites and I have a better description.&nbsp;<a href="https://circleid.com/posts/what_is_email_appending_and_why_is_it_bad" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Sep 27, 2011</li> <li>Comments: 0</li> <li>Views: 10,204</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110825_spam_is_on_the_decline_what_are_the_implications">Spam Is on the Decline; What Are the Implications?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Previously, I wrote that the total amount of spam that we are seeing has seen a significant decline over the past year and a half. What does this mean in real terms? Are we finally winning the fight against spam? There are multiple angles. 
On the one hand, processing spam takes significant system resources...&nbsp;<a href="https://circleid.com/posts/20110825_spam_is_on_the_decline_what_are_the_implications" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 25, 2011</li> <li>Comments: 0</li> <li>Views: 11,652</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110824_protecting_yourself_from_spear_phishing">Protecting Yourself from Spear Phishing</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> One of the big trends this year is spear phishing. These are phish attacks that are frequently (though not always) against high profile users. The purpose of these attacks is to steal sensitive data or get elevation of privilege inside the service by exploiting a software vulnerability within the user's computer that transmits usernames and passwords back to the phisher.&nbsp;<a href="https://circleid.com/posts/20110824_protecting_yourself_from_spear_phishing" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 24, 2011</li> <li>Comments: 0</li> <li>Views: 10,770</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110815_spam_continues_to_drop">Spam Continues to Drop</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> The chart in this post shows the amount of inbound mail that we see, both spam and non-spam, over the past three and a half years. 
You can see in the above that the amount of good mail that we see has continued to increase over time. This is because of an increased customer base, not because the total amount of good mail worldwide has gone up... However, the amount of spam has plummeted from 23,000 in mid 2010 to 5000 now, a drop of over 75%. The contrast couldn't be starker -- spammers are not spamming as much anymore. It almost looks like the battle against spam is almost over. What's still left to do?&nbsp;<a href="https://circleid.com/posts/20110815_spam_continues_to_drop" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 16, 2011</li> <li>Comments: 11</li> <li>Views: 12,679</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110804_another_day_another_set_of_hacking_attacks_news_at_11">Another Day, Another Set of Hacking Attacks. News At 11.</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> While reading Reuters I came across a news article indicating that a number of high profile agencies - from the United Nations to the Canadian Government to government of Taiwan - were broken into over a period of the past five years. ... I'll say it right now, even though I haven't been briefed on it. 
It was China.&nbsp;<a href="https://circleid.com/posts/20110804_another_day_another_set_of_hacking_attacks_news_at_11" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 04, 2011</li> <li>Comments: 0</li> <li>Views: 12,658</li> </ul> </div> <h3><a href="https://circleid.com/posts/is_cyber_security_a_priority_you_wouldnt_know_it_if_you_go_by_top_level_def">Is Cybersecurity a Priority? You Wouldn&#8217;t Know It If You Go by Top Level Defections</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> In the US administration, we see important people like incoming Secretary of Defense Leon Panetta say at his Senate confirmation hearing that "a strong likelihood that the next Pearl Harbor" could well be a cyberattack that cripples the U.S. power grid and financial and government systems. He also said that cybersecurity will be one of the main focuses of his tenure at the Pentagon. 
But when you look at what is <em>actually</em> happening in cyber security, there is more position jockeying than there is real progress.&nbsp;<a href="https://circleid.com/posts/is_cyber_security_a_priority_you_wouldnt_know_it_if_you_go_by_top_level_def" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 27, 2011</li> <li>Comments: 1</li> <li>Views: 9,804</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110714_pentagon_reveals_largest_ever_loss_of_defense_data_in_cyberattack">Pentagon Reveals Largest Ever Loss of Defense Data in Cyberattack</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The Associated Press published an article today that the Pentagon revealed that earlier this year, it suffered one of its largest ever losses of sensitive data to a foreign government by a cyberattack. ... It's hard to say what's right and what's wrong. On the one hand, the Secretary of Defense says that the cyberwar is very real. 
On the other hand, the cyberczar Howard Schmidt said that there is no cyberwar and instead government needs to focus its efforts to fight online crime and espionage...&nbsp;<a href="https://circleid.com/posts/20110714_pentagon_reveals_largest_ever_loss_of_defense_data_in_cyberattack" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 15, 2011</li> <li>Comments: 0</li> <li>Views: 8,721</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110623_new_gtlds_floodgates_for_spammers">New gTLDs: Floodgates for Spammers?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/icann" class="red">ICANN</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Ever since I heard of the new generic Top-Level Domains (gTLDs), I wondered whether they would be prone to abuse. For example, Microsoft might want to register www.microsoft.microsoft, or Sony might want to register www.sony. But isn't this opening up the floodgates for spammers to register their own domains and squat on them? Why couldn't a spammer register www.cit.ibank? They could then send phishing messages and fool people into clicking very legitimate looking domains. 
But I don't think this will be a problem.&nbsp;<a href="https://circleid.com/posts/20110623_new_gtlds_floodgates_for_spammers" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 24, 2011</li> <li>Comments: 0</li> <li>Views: 13,629</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110530_solving_the_spam_problem">Solving the Spam Problem</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Last week, I read Ed Falk's blog post where he commented on a possible solution to the spam problem. He himself was commenting on a study done by researchers out of the University of California where they discovered that credit card transactions for stuff bought in spamvertisements are handled by three companies: one in Azerbaijan, one in Denmark and one in the West Indies. Presumably, if security experts and law enforcement went after these companies, spammers would have their financial supply cut off. 
No money = no incentive to spam.&nbsp;<a href="https://circleid.com/posts/20110530_solving_the_spam_problem" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 30, 2011</li> <li>Comments: 3</li> <li>Views: 11,941</li> </ul> </div> <h3><a href="https://circleid.com/posts/facebook_vs_google_the_pot_calling_the_kettle_black">Facebook vs Google: The Pot Calling the Kettle Black</a></h3> <div class="byLine">Related Topics: <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/privacy" class="red">Privacy</a>,</div> <p> In case you missed it a few days ago, a story broke that said that Facebook was caught hiring a PR firm to spread stories about Google about how they invade people's privacy... Even though I work for Microsoft and therefore can hardly be considered unbiased, I think Microsoft would be in a position to call out others for lack of privacy protection. 
I say this based on the fact that in my division, every new feature that we implement has to go through Privacy reviews...&nbsp;<a href="https://circleid.com/posts/facebook_vs_google_the_pot_calling_the_kettle_black" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 18, 2011</li> <li>Comments: 0</li> <li>Views: 9,905</li> </ul> </div> <h3><a href="https://circleid.com/posts/password_policies_need_to_be_the_same_if_we_want_users_to_take_our_advice">Password Policies Need to Be the Same if We Want Users to Take Our Advice</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The other day on Facebook, one of my friends mentioned that today (i.e., that day) was a good day to update his passwords. But he then lamented that some web sites don't allow you to create more than a 12-character password! He was incensed! 
Well, maybe not incensed but showed contempt for the fact these sites restricted password length.&nbsp;<a href="https://circleid.com/posts/password_policies_need_to_be_the_same_if_we_want_users_to_take_our_advice" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 02, 2011</li> <li>Comments: 1</li> <li>Views: 7,345</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110415_the_distribution_of_botnets_since_rustock_went_down">The Distribution of Botnets Since Rustock Went Down</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. 
I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)?&nbsp;<a href="https://circleid.com/posts/20110415_the_distribution_of_botnets_since_rustock_went_down" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 15, 2011</li> <li>Comments: 0</li> <li>Views: 9,885</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110407_esp_compromises_and_their_lack_of_security">ESP Compromises and Their Lack of Security</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Over at <em>Word to the Wise</em>, Laura Atkins has a post up where she talks about the real problem with ESPs and their lack of internal security procedures which resulted in the breach of many thousands of email addresses (especially Epsilon). However, Atkins isn't only criticizing ESP's lack of security but also the industry's response wherein they have suggested countermeasures that are irrelevant to the problem. 
&nbsp;<a href="https://circleid.com/posts/20110407_esp_compromises_and_their_lack_of_security" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 07, 2011</li> <li>Comments: 3</li> <li>Views: 10,428</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110329_most_prolific_botnet_since_rustock_was_taken_down">Who Has Taken Over As the Most Prolific Botnet Since Rustock Was Taken Down?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Over at the site V3.co.uk, they have an article up today alleging that since the Rustock takedown two weeks ago, the <em>bagle</em> botnet has moved to take over as the botnet that is responsible for sending the most spam. 
They have not replaced Rustock's total spam volume, only that they are now the number one spam sending botnet.&nbsp;<a href="https://circleid.com/posts/20110329_most_prolific_botnet_since_rustock_was_taken_down" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 29, 2011</li> <li>Comments: 0</li> <li>Views: 10,729</li> </ul> </div> <h3><a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_3">Digging Through the Problem of IPv6 and Email - Part 3</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/ipv6-transition" class="red">IPv6 Transition</a>,</div> <p> One idea to make the problem of mail more manageable is to restrict the address space that is allowed to send mail. In an ideal world, we'd restrict where mail servers could send mail from. So, if we say that the number of individual mail servers in the world will probably never exceed 32 million (not unreasonable), or 2^25, then what if the 25 least significant bits were reserved for mail servers?&nbsp;<a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_3" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 23, 2011</li> <li>Comments: 5</li> <li>Views: 15,252</li> </ul> </div> <h3><a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_2">Digging Through the Problem of IPv6 and Email - Part 2</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/ipv6-transition" class="red">IPv6 Transition</a>,</div> <p> We have seen that spammers already possess the ability to hop around IP addresses quickly. 
They do this because once an IP gets blocked, it is no longer useful to them. There are only so many places they can hide, though - 4.2 billion places they can hide. However, in IPv6, if they are able to do the same pattern of sending out mail and hopping around IP addresses the same way they do in IPv4, then there is virtually unlimited space they can hide in.&nbsp;<a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_2" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 23, 2011</li> <li>Comments: 0</li> <li>Views: 11,705</li> </ul> </div> <h3><a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_1">Digging Through the Problem of IPv6 and Email - Part 1</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/ipv6-transition" class="red">IPv6 Transition</a>,</div> <p> Recently, a couple of anti-spam (or at least email security related) bloggers have written some articles about IPv6 and the challenges that the email industry faces regarding it. 
John Levine, who has written numerous RFCs and a couple of books about spam fighting, writes the following in his article "A Politically Incorrect Guide to IPv6, part III".&nbsp;<a href="https://circleid.com/posts/digging_through_the_problem_of_ipv6_and_email_part_1" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 23, 2011</li> <li>Comments: 1</li> <li>Views: 13,952</li> </ul> </div> <h3><a href="https://circleid.com/posts/20110218_foreign_hackers_attack_canadian_government">Foreign Hackers Attack Canadian Government</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> An unprecedented cyberattack on the Canadian government also targeted Defence Research and Development Canada, making it the third key department compromised by hackers, CBC News has learned. ... While there is no definitive proof, of course, that China was behind these attacks, there is a lot of circumstantial evidence that points in that direction. China (allegedly) has a long history of engaging in espionage activities in order to gain access to information. 
In the United States, this is sometimes referred to as cyber warfare, but I think that cyber espionage is a better choice of terms.&nbsp;<a href="https://circleid.com/posts/20110218_foreign_hackers_attack_canadian_government" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 18, 2011</li> <li>Comments: 2</li> <li>Views: 12,738</li> </ul> </div> <h3><a href="https://circleid.com/posts/email_getting_a_makeover">Email Getting a Makeover!</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,</div> <p> The New York Times recently posted an article about how email is getting a makeover and how the communication medium is being shunned by the younger crowd as they move more and more towards other platforms. If you like using email, that means you're an old fogey. When the Internet exploded in growth in 1995, email was a pretty cool commodity. Now, it's not that big a deal anymore, according to the New York Times.&nbsp;<a href="https://circleid.com/posts/email_getting_a_makeover" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Dec 22, 2010</li> <li>Comments: 0</li> <li>Views: 9,073</li> </ul> </div> <h3><a href="https://circleid.com/posts/facebooks_new_messaging_platform">Facebook&#8217;s New Messaging Platform</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/web" class="red">Web</a>,</div> <p> On Monday, Facebook announced that they were introducing a new messaging platform. Facebook is careful to point out that this is not a replacement for email; it is <em>not</em> email, so they claim. So what is it? 
This messaging platform is basically a way to talk to people outside of Facebook <em>from</em> Facebook... Essentially, independent of the platform, you can still use the feature. It's kind of like everything Java promised in the 1990's -- it runs on Windows, the Mac or Unix.&nbsp;<a href="https://circleid.com/posts/facebooks_new_messaging_platform" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 17, 2010</li> <li>Comments: 0</li> <li>Views: 10,334</li> </ul> </div> <h3><a href="https://circleid.com/posts/20101111_com_the_riskiest_top_level_domain_part_2">.COM - The Riskiest Top-Level Domain? (Part 2)</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/dns" class="red">DNS</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/registry_services" class="red">Registry Services</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Following up from my post yesterday, I thought I would take a look at how spammy each particular TLD is. At the moment, I only track 8 TLD's - .cn, .ru, .com, .net, .org, .info, .biz and .name. 
To check to see which one is the spammiest, I took all of our post-IP blocked mail and determined how many times those messages occurred in email, and how many times that email was marked as spam...&nbsp;<a href="https://circleid.com/posts/20101111_com_the_riskiest_top_level_domain_part_2" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 11, 2010</li> <li>Comments: 2</li> <li>Views: 10,584</li> </ul> </div> <h3><a href="https://circleid.com/posts/20101110_com_the_riskiest_top_level_domain">.COM - The Riskiest Top-Level Domain?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/dns" class="red">DNS</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/registry_services" class="red">Registry Services</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A couple of weeks ago, NetworkWorld published an article indicating that the .com TLD was the riskiest TLD in terms of containing code that can steal passwords or take advantage of browser vulnerabilities to distribute malware... It is unclear to me what they mean by TLD's being risky. The number of domains, 31.3% of .com's being considered risky, what does this actually mean? Is it that 31% of .com's are actually serving up malware or something similar? 
If so, that seems like a lot because for many of us, nearly 1 in every 3 pages that most people visit would be insecure...&nbsp;<a href="https://circleid.com/posts/20101110_com_the_riskiest_top_level_domain" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 10, 2010</li> <li>Comments: 1</li> <li>Views: 12,295</li> </ul> </div> <h3><a href="https://circleid.com/posts/20101028_global_spam_levels_drop_following_certain_events">Global Spam Levels Drop Following Certain Events</a></h3> <div class="byLine">Related Topics: <a href="/topics/law" class="red">Law</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> If you haven't noticed lately, spam levels around the world have started dropping especially in October after a couple of events occurred. The first is a Russian crackdown on alleged spam king Igor Gusev, thought to be involved in the operations of SpamIt.com. SpamIt mysteriously shut down in late September, perhaps because Gusev caught wind of law enforcement starting to take notice of him.&nbsp;<a href="https://circleid.com/posts/20101028_global_spam_levels_drop_following_certain_events" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 28, 2010</li> <li>Comments: 0</li> <li>Views: 10,830</li> </ul> </div> <h3><a href="https://circleid.com/posts/20101017_united_states_is_the_most_bot_infected_country_right">United States Is the Most Bot-Infected Country. 
Right?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A couple of days ago, Threatpost posted an article indicating that the United States is the most bot-infected country... I think that Microsoft's mechanism of measuring bot infections is a good one, not necessarily because it is the most accurate but because it represents the most complete snapshot of botnet statistics. Because Microsoft Windows is installed on so many computers worldwide and because so many users across the world call home to the MSRT, Microsoft is able to collect a very large snapshot of data.&nbsp;<a href="https://circleid.com/posts/20101017_united_states_is_the_most_bot_infected_country_right" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 17, 2010</li> <li>Comments: 2</li> <li>Views: 10,658</li> </ul> </div> <h3><a href="https://circleid.com/posts/stopping_the_flow_of_online_illegal_pharmaceuticals">Stopping the Flow of Online Illegal Pharmaceuticals</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/domain_names" class="red">Domain Names</a>,&nbsp; <a href="/topics/icann" class="red">ICANN</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/registry_services" class="red">Registry Services</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/whois" class="red">Whois</a>,</div> <p> Reading through Brian Krebs's blog last week, he has an interesting post up on the White House's call upon the industry on how to formulate a plan to stem 
the flow of illegal pharmaceuticals... It is unclear to me whether or not the goal of this initiative is to stem the flow of online crime in general or to reduce the flow of illegal pharmaceuticals flowing into the United States (since presumably this cuts into the profits of large pharmaceutical companies...&nbsp;<a href="https://circleid.com/posts/stopping_the_flow_of_online_illegal_pharmaceuticals" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 31, 2010</li> <li>Comments: 0</li> <li>Views: 15,426</li> </ul> </div> <h3><a href="https://circleid.com/posts/russian_cybercrime_is_organized_russian_cybercrime_is_not_organized">Russian Cybercrime is Organized / Russian Cybercrime is Not Organized</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The more I read, the more I see conflicting views on the state of the criminal cybercrime world. On the one hand, the Russian criminal cybercrime underworld is a scary, organized place... On the other hand, there is the position that <em>that</em> position is an exaggeration of what it is actually like and that it's a bunch of ragtag folks who have some advanced computer skills but they are not formally organized. ... 
I see this very similarly to how I see cyber warfare...&nbsp;<a href="https://circleid.com/posts/russian_cybercrime_is_organized_russian_cybercrime_is_not_organized" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 25, 2010</li> <li>Comments: 2</li> <li>Views: 12,444</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100727_cyberwar_vs_no_cyberwar">Cyberwar vs No Cyberwar</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I was browsing CircleID the other day and came across Bruce Schneier's article on cyberwar. Schneier's article, and the crux of his point, is that the term cyber war and the threat of cyber warfare has been greatly exaggerated. The real problem in cyberspace is not the threat of cyber warfare wherein a foreign government, or possibly non-state actor, conducts a cyber attack on another nation.&nbsp;<a href="https://circleid.com/posts/20100727_cyberwar_vs_no_cyberwar" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 27, 2010</li> <li>Comments: 10</li> <li>Views: 12,979</li> </ul> </div> <h3><a href="https://circleid.com/posts/tackling_cyber_security_should_we_trust_the_libertarians_part_2">Tackling Cyber Security: Should We Trust the Libertarians? 
Part 2</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/privacy" class="red">Privacy</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is a byproduct of its original designers not seeing how widespread it would eventually become.&nbsp;<a href="https://circleid.com/posts/tackling_cyber_security_should_we_trust_the_libertarians_part_2" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 28, 2010</li> <li>Comments: 0</li> <li>Views: 8,874</li> </ul> </div> <h3><a href="https://circleid.com/posts/why_are_edu_domains_compromised_so_much">Why are *.edu&#8217;s Compromised so Much?</a></h3> <div class="byLine">Related Topics: <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> When it comes to the problem of outbound spam, one of the experiences that I have, and this was reaffirmed at TechEd, is that the number one source of compromised accounts are educational institutions. 
That is to say, whenever we have an outbound spam problem and have to hunt down where it is coming from, the highest number of these accounts are phished accounts/credentials from users at an educational institution. Why is this? Why does so much spam originate from universities?&nbsp;<a href="https://circleid.com/posts/why_are_edu_domains_compromised_so_much" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jun 16, 2010</li> <li>Comments: 2</li> <li>Views: 9,859</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100513_no_cyberattack_on_wall_street">No Cyberattack on Wall Street</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> In case you missed it, last Thursday, May 6, we saw a remarkable day on the stock markets. The day started off with some selling which went down neat and orderly. Suddenly, around 2:40 pm eastern time, the market started selling off rapidly taking huge hits in the span of 30 minutes. It was an incredible ride and at one point, the Dow Jones average was off 1000 points for the day, the largest drop in history (though not the largest percentage drop). 
It was kind of like October of 1987.&nbsp;<a href="https://circleid.com/posts/20100513_no_cyberattack_on_wall_street" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 13, 2010</li> <li>Comments: 0</li> <li>Views: 8,581</li> </ul> </div> <h3><a href="https://circleid.com/posts/tackling_cyber_security_should_we_trust_the_libertarians">Tackling Cyber Security: Should We Trust the Libertarians?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/privacy" class="red">Privacy</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> One of the RSS feeds that I read is Reason magazine, which is a web site for libertarians. In general, libertarians want less government intervention both in our personal lives and in the economy. The idea behind libertarians is that today's Republicans want less government intervention in our economy but are perfectly fine to have them dictate some aspects of morality. Similarly, today's Democrats want less government intervention in our personal lives but are perfectly fine with creating government bureaucracy to deliver social services. That's an oversimplified summary, but is more or less correct. 
About two months ago I got an article in my RSS feed where Reason was commenting on the government's response to the cyber war threats.&nbsp;<a href="https://circleid.com/posts/tackling_cyber_security_should_we_trust_the_libertarians" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 29, 2010</li> <li>Comments: 0</li> <li>Views: 9,610</li> </ul> </div> <h3><a href="https://circleid.com/posts/callservice_biz_shut_down_by_the_fbi">CallService.biz Shut Down by the FBI</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/law" class="red">Law</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Gary Warner over at Cyber Crime and Doing Time has a good post up this week about the CallService.biz website being shut down. I have posted a few good excerpts and added my comments to the end. ... Warner's take on the world of spam, malware, hacking and phishing is that unless people actually go to jail because they are spamming, the problem of spamming will never get better. 
That's because when the security industry fixes the latest hole or comes up with a new technology to stop the newest threat, spammers simply move onto another.&nbsp;<a href="https://circleid.com/posts/callservice_biz_shut_down_by_the_fbi" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 22, 2010</li> <li>Comments: 0</li> <li>Views: 11,282</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100415_military_asserts_rights_to_return_cyber_attacks">Military Asserts Rights to Return Cyber Attacks</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accepted precept governing US foreign military policy for generations. 
Yet cyber attacks are different for a couple of reasons...&nbsp;<a href="https://circleid.com/posts/20100415_military_asserts_rights_to_return_cyber_attacks" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 15, 2010</li> <li>Comments: 1</li> <li>Views: 11,043</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100401_geeks_all_trust_each_other_but_not_in_china">Geeks All Trust Each Other But Not in China</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/domain_names" class="red">Domain Names</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/registry_services" class="red">Registry Services</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Brian Krebs has a post up the other day on his blog indicating that the amount of spam ending in .cn has declined dramatically due to steps taken by the Chinese government making it more difficult to get a domain ending in .cn... A cursory glance seems to confirm that the amount of spam from .cn as opposed to .ru has switched places. 
Indeed, if the CNNIC requires people to start writing in application forms, with a business license and identity card, that is seriously going to slow down the rate at which spammers can sign up and register new domains.&nbsp;<a href="https://circleid.com/posts/20100401_geeks_all_trust_each_other_but_not_in_china" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Apr 01, 2010</li> <li>Comments: 0</li> <li>Views: 9,593</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100312_another_one_partially_bites_the_dust">Another One (Partially) Bites the Dust</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Following in the footsteps of Lethic, Waledac and Mariposa, yet another botnet has been taken offline. Not completely, though, it was only a partial disconnect. 
The Zeus botnet, also known as Zbot, is a trojan password stealer that captures passwords and sends them to the attacker.&nbsp;<a href="https://circleid.com/posts/20100312_another_one_partially_bites_the_dust" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 12, 2010</li> <li>Comments: 0</li> <li>Views: 8,464</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100305_authorities_take_down_the_mariposa_botnet">Authorities Take Down the Mariposa Botnet</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> There are a number of sources talking about the takedown of the Mariposa botnet... Spanish authorities, working with researchers from Panda Labs, Defence Intelligence and a couple of other educational institutions, took down the Mariposa botnet (Mariposa is the Spanish word for "butterfly"). The Mariposa botnet is absolutely enormous, with around 12 million (!) nodes doing its bidding. 
It was involved in things like credit card phishing and identity fraud.&nbsp;<a href="https://circleid.com/posts/20100305_authorities_take_down_the_mariposa_botnet" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Mar 05, 2010</li> <li>Comments: 0</li> <li>Views: 11,599</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100225_closing_in_on_the_google_hackers">Closing in on the Google Hackers</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Joseph Menn has an article on CNN.com wherein the crux of the story is that US experts are closing in on the hackers that broke into Google last month. It is believed by some that the Chinese government sponsored these hackers. China, naturally, denied involvement. 
My own take is that tools today are sophisticated enough such that you don't necessarily need state sponsorship in order to launch a cyber attack.&nbsp;<a href="https://circleid.com/posts/20100225_closing_in_on_the_google_hackers" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 26, 2010</li> <li>Comments: 2</li> <li>Views: 9,348</li> </ul> </div> <h3><a href="https://circleid.com/posts/is_australia_a_hot_bed_of_zombie_activity">Is Australia a Hot-Bed of Zombie Activity?</a></h3> <div class="byLine">Related Topics: <a href="/topics/access_providers" class="red">Access Providers</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> About a week ago, I <a href="http://www.circleid.com/posts/20100129_australia_booting_infected_computers_off_their_networks/">posted</a> that Australia was getting ISPs to <a href="http://www.theaustralian.com.au/news/call-to-cut-net-link-on-virus-hit-computers/story-e6frg6n6-1225823060022">boot</a> infected computers off of their network. I commented on whether or not this was a good policy. 
However, there was one thing in that article that I wanted to comment on but didn't...&nbsp;<a href="https://circleid.com/posts/is_australia_a_hot_bed_of_zombie_activity" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 09, 2010</li> <li>Comments: 1</li> <li>Views: 8,557</li> </ul> </div> <h3><a href="https://circleid.com/posts/20100129_australia_booting_infected_computers_off_their_networks">Australia Booting Infected Computers Off Their Networks</a></h3> <div class="byLine">Related Topics: <a href="/topics/access_providers" class="red">Access Providers</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> The Australian has a good article describing the efforts some of their ISPs are making in an attempt to clean up their act: the government is encouraging ISPs to detect computers on their network that are infected and part of botnets, and to communicate to the customer that their system is compromised... 
Unless the customer feels a little bit of pain they will not change their ways.&nbsp;<a href="https://circleid.com/posts/20100129_australia_booting_infected_computers_off_their_networks" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jan 29, 2010</li> <li>Comments: 0</li> <li>Views: 9,487</li> </ul> </div> <h3><a href="https://circleid.com/posts/20091105_the_story_of_conficker_and_industry_response">The Story of Conficker and the Industry Response</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/new_tlds" class="red">New TLDs</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> On November 2, 2009, Microsoft released its seventh edition of the <em>Security and Intelligence Report (SIR)</em>. The SIR provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. 
The following is an excerpt from the SIR, pp 29-32, about the Conficker worm and the industry response that showed an incredible amount of collaboration across vendors.&nbsp;<a href="https://circleid.com/posts/20091105_the_story_of_conficker_and_industry_response" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 06, 2009</li> <li>Comments: 1</li> <li>Views: 12,306</li> </ul> </div> <h3><a href="https://circleid.com/posts/20091013_are_hotmail_yahoo_gmail_seeing_increase_in_spam">Compromised Accounts - Are Hotmail, Yahoo and Gmail Seeing an Increase in Spam Sent Out?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Last week, I <a href="http://www.circleid.com/posts/20091008_yahoo_gmail_hotmail_compromised_but_how/">commented</a> on the Gmail/Hotmail/Yahoo username and password leak. The question we now ask is whether or not we are seeing an increased amount of spam from those services. 
On another blog, they were <a href="http://www.allspammedup.com/2009/10/spam-from-sites-involved-in-data-breach-increases-dramatically/">commenting</a> that various experts were claiming that this is the case.&nbsp;<a href="https://circleid.com/posts/20091013_are_hotmail_yahoo_gmail_seeing_increase_in_spam" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 13, 2009</li> <li>Comments: 0</li> <li>Views: 11,780</li> </ul> </div> <h3><a href="https://circleid.com/posts/20091008_yahoo_gmail_hotmail_compromised_but_how">Yahoo, Gmail, Hotmail Compromised - But How?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> One of the bigger news stories is that 10,000 usernames and passwords of Hotmail users were posted this past week, victims of a phishing scam... It seems unlikely to me that this would be a hack where someone would break into Hotmail's servers and access the account information that way. It is much more likely that the spammers got the information by social engineering. Why is this more likely? 
For one, they'd have to get past all of the firewalls and security measures that Microsoft/Hotmail have to keep intruders out.&nbsp;<a href="https://circleid.com/posts/20091008_yahoo_gmail_hotmail_compromised_but_how" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 09, 2009</li> <li>Comments: 3</li> <li>Views: 49,830</li> </ul> </div> <h3><a href="https://circleid.com/posts/the_multinational_nature_of_spam">The Multinational Nature of Spam</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> I received a spam message the other day that went to my Junk Mail Folder. I decided to take a look at it and dissect it piece by piece. It really is amazing to see how spam crosses so many international borders and exploits so many different machines. 
Spammers have their own globally redundant infrastructure and it highlights the difficulties people have in combating the problem.&nbsp;<a href="https://circleid.com/posts/the_multinational_nature_of_spam" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 05, 2009</li> <li>Comments: 0</li> <li>Views: 9,359</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090819_oh_spammer_where_art_thou">Oh, Spammer, Where Art Thou?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> A few weeks ago, I posted a <a href="http://www.circleid.com/posts/20090717_think_china_highest_spamming_country_think_again/">piece</a> on where individual spammers were located in terms of sending IP. The United States was number 1, followed by China. This is in terms of total volume of spam that they send. However, a second piece of data that I did not take a look at was where all of the individual spam sites contained within the spam were located. 
For example, does a lot of spam sent from the United States point to spammy URLs hosted in China?&nbsp;<a href="https://circleid.com/posts/20090819_oh_spammer_where_art_thou" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 19, 2009</li> <li>Comments: 5</li> <li>Views: 10,992</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090811_twitter_ddos_the_motivations_behind_the_attack">Twitter, DDoS and the Motivations Behind the Attack</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/ddos_attack" class="red">DDoS Attack</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> As we all know by now, last week, on Thursday, August 7, Twitter was hit with a denial-of-service attack that took it down for several hours. Other social networking sites like Facebook, LiveJournal, YouTube and Blogger were also hit. They managed to repel the attack although Facebook was not quite as successful as the other larger players. The theory floating about at the moment is that this was a politically oriented play designed to target one guy: a blogger. We are nearing the 1-year anniversary of the Russian/Georgian 2008 war. 
There is a pro-Georgian blogger by the username of "Cyxymu" who had accounts on all of these services.&nbsp;<a href="https://circleid.com/posts/20090811_twitter_ddos_the_motivations_behind_the_attack" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 11, 2009</li> <li>Comments: 0</li> <li>Views: 9,122</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090717_think_china_highest_spamming_country_think_again">Think China Is the Highest Spamming Country? Think Again</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,&nbsp; <a href="/topics/web" class="red">Web</a>,</div> <p> In my department, we block about 92% of our total email (around 2.5 billion per day) at the network edge without accepting the message. When we do that, we don't see any traffic from that IP anymore and don't keep stats on it due to the overwhelming volume of mail. However, we do keep stats on mail that we block with our content filter. 
I decided to go and calculate how much spam we receive from each country by mapping the source IP back to its source country...&nbsp;<a href="https://circleid.com/posts/20090717_think_china_highest_spamming_country_think_again" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jul 17, 2009</li> <li>Comments: 10</li> <li>Views: 18,453</li> </ul> </div> <h3><a href="https://circleid.com/posts/20050505_cyber_security_and_white_house_cyberwarfare">Cyber Security and the White House, Part 2 - Cyberwarfare</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> This is a follow-up to my previous <a href="http://www.circleid.com/posts/20090505_cyber_security_and_white_house/">post</a> on Cybersecurity and the White House. It illustrates an actual cyberwarfare attack against Estonia in 2007 and how it can be a legitimate national security issue. Estonia is one of the most wired countries in eastern Europe. In spite of its status of being a former Soviet republic, it relies on the internet for a substantial portion of everyday life -- communications, financial transactions, news, shopping and restaurant reservations all use the Internet. 
Indeed, in 2000, the Estonian government declared Internet access a basic human right...&nbsp;<a href="https://circleid.com/posts/20050505_cyber_security_and_white_house_cyberwarfare" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 05, 2009</li> <li>Comments: 2</li> <li>Views: 10,362</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090505_cyber_security_and_white_house">Cyber Security and the White House</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/ddos_attack" class="red">DDoS Attack</a>,&nbsp; <a href="/topics/networks" class="red">Networks</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> A few months ago, an <a href="http://arstechnica.com/news.ars/post/20081210-should-cybersecurity-be-managed-from-the-white-house.html">article</a> appeared on arstechnica.com asking the question "Should cybersecurity be managed from the White House?" During the recent presidential elections in the United States and the federal elections in Canada, the two major players in both parties had differing views that crossed borders. 
In the US, the McCain campaign tended to favor free market solutions to the problem of cybersecurity, and the Conservatives in Canada took a similar position...&nbsp;<a href="https://circleid.com/posts/20090505_cyber_security_and_white_house" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 05, 2009</li> <li>Comments: 0</li> <li>Views: 10,192</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090112_spam_fighting_lessons_jack_bauer">Spam Fighting: Lessons from Jack Bauer?</a></h3> <div class="byLine">Related Topics: <a href="/topics/cyberattack" class="red">Cyberattack</a>,&nbsp; <a href="/topics/cybercrime" class="red">Cybercrime</a>,&nbsp; <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/law" class="red">Law</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> As I <a href="http://blogs.msdn.com/tzink/archive/2008/02/05/maybe-the-north-dakota-judge-should-watch-more-south-park.aspx">blogged</a> about several months ago, as did numerous other anti-spam bloggers, David Ritz was sued by Jeffrey Reynolds and a judge in North Dakota agreed with Reynolds. At the heart of the case was that Ritz engaged in anti-spam activities using techniques known only to a small subset of advanced computer users, and used these techniques maliciously against Reynolds... 
Back in the olden days of spam fighting, some anti-spammers used to use malicious techniques against spammers in order to shut them down...&nbsp;<a href="https://circleid.com/posts/20090112_spam_fighting_lessons_jack_bauer" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jan 12, 2009</li> <li>Comments: 12</li> <li>Views: 15,757</li> </ul> </div> <h3><a href="https://circleid.com/posts/20090101_top_10_spam_stories_of_2008">Top 10 Spam Stories of 2008</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> Well, it's a yearly tradition in the western hemisphere that at the end of the year, we compose a top 10 list of the 10 most &lt;insert description here&gt;. Since it is now 2009, I thought that I would create my own list of the top 10 spam stories of 2008. 
Now, not all of these will be universally applicable to everyone, they are the top 10 stories as seen by me.&nbsp;<a href="https://circleid.com/posts/20090101_top_10_spam_stories_of_2008" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Jan 01, 2009</li> <li>Comments: 3</li> <li>Views: 16,345</li> </ul> </div> <h3><a href="https://circleid.com/posts/20081111_wall_street_bailout_botnet_lesson">Wall Street Bailout: Could Learn a Thing or Two From Botnets</a></h3> <div class="byLine">Related Topics: <a href="/topics/ddos_attack" class="red">DDoS Attack</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Well, at this point, the government is well on its way to bailing out Wall Street from its own incompetence, putting taxpayers on the hook for $700 billion. The worst part is that as Treasury Secretary Hank Paulson puts it, "You're worried about taxpayers being on the hook? Well, guess what? They're already on the hook!" I read that and said "Aw, crap..." Anyhow, Wall Street should maybe learn something from botnet operators. For you see, botnets are not just for sending spam anymore. 
The bots have diversified their holdings...&nbsp;<a href="https://circleid.com/posts/20081111_wall_street_bailout_botnet_lesson" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 12, 2008</li> <li>Comments: 0</li> <li>Views: 9,025</li> </ul> </div> <h3><a href="https://circleid.com/posts/88184_cnn_spam_outbreak">CNN Spam Outbreak Quickly Morphing Into a New Breed</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> This past week we have been seeing some heavy CNN spam -- that is, spam in the form of breaking news stories from CNN.com... These all look like legitimate news stories, and indeed, they probably are taken straight from an actual CNN news bulletin (I don't subscribe so I wouldn't know). Indeed, the unsubscribe information and Terms of Use actually link to actual CNN unsubscribe pages. 
However, if you mouse-over all of the news links, they go to a spam web page wherein the payload is either a spam advertisement or you click on another link to download a file and flip your computer into a botnet.&nbsp;<a href="https://circleid.com/posts/88184_cnn_spam_outbreak" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 10, 2008</li> <li>Comments: 1</li> <li>Views: 14,594</li> </ul> </div> <h3><a href="https://circleid.com/posts/coders_crackers_bots">Coders, Crackers and Bots, Oh My!</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> There are more than just blue, black and white hat hackers. There are a few more types of folks out there that don't fit into the above categories. This article is taken from Stratfor with some commentary by myself... 
Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers...&nbsp;<a href="https://circleid.com/posts/coders_crackers_bots" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 07, 2008</li> <li>Comments: 0</li> <li>Views: 10,047</li> </ul> </div> <h3><a href="https://circleid.com/posts/black_hats_white_hats_crackers_bots">Black Hats, White Hats, Crackers and Bots</a></h3> <div class="byLine">Related Topics: <a href="/topics/cybersecurity" class="red">Cybersecurity</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,&nbsp; <a href="/topics/threat-intelligence" class="red">Threat Intelligence</a>,</div> <p> One of the other web sites I subscribe to is <a href="http://www.stratfor.com/">Stratfor</a>. It's a global intelligence website and doesn't really have much to do with spam. But I like politics so I read it. They have some articles which you can get for free, but the better stuff you have to pay for. About two weeks ago, they ran a three-part series on Cyberwarfare. The first article was the title of this post, which you can access <a href="http://www.stratfor.com/analysis/cyberwarfare_101_black_hats_white_hats_crackers_and_bots">here</a> (requires registration). 
In the article they described different types of cybercriminals and not-so-criminals which they referred to under the umbrella as "hackers."&nbsp;<a href="https://circleid.com/posts/black_hats_white_hats_crackers_bots" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>May 07, 2008</li> <li>Comments: 0</li> <li>Views: 14,001</li> </ul> </div> <h3><a href="https://circleid.com/posts/82225_ip_addresses_personally_identifiable_information">IP Addresses and Personally Identifiable Information</a></h3> <div class="byLine">Related Topics: <a href="/topics/dns" class="red">DNS</a>,&nbsp; <a href="/topics/internet_governance" class="red">Internet Governance</a>,&nbsp; <a href="/topics/ipv4-markets" class="red"> IPv4 Markets</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/policy_regulation" class="red">Policy &amp; Regulation</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> I don't normally cheer for Google when I don't own shares in the company, but this time I will make an exception. Alma Whitten, Software Engineer at Google, today <a href="http://googlepublicpolicy.blogspot.com/2008/02/are-ip-addresses-personal.html">posted </a>to their Public Policy Blog that IP addresses shouldn't be considered Personally Identifiable Information (PII). 
This is not a problem in the United States but it is in the EU, and if the EU actually were to legislate this it would most definitely affect Microsoft and Google's business functionality in the EU...&nbsp;<a href="https://circleid.com/posts/82225_ip_addresses_personally_identifiable_information" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 23, 2008</li> <li>Comments: 1</li> <li>Views: 21,538</li> </ul> </div> <h3><a href="https://circleid.com/posts/82169_yahoo_captcha_broken_spam">Circumstantial Evidence of Yahoo&#8217;s CAPTCHA Being Broken</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/malware" class="red">Malware</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> A couple of weeks ago, I read an <a href="http://news.yahoo.com/s/cmp/20080118/tc_cmp/205900620">article</a> on Yahoo that some outfit in Russia claimed to have broken Yahoo's <a href="http://en.wikipedia.org/wiki/CAPTCHA">CAPTCHA</a> for creation of new email accounts. Another blogger <a href="http://www.codinghorror.com/blog/archives/001001.html">wrote</a> that it was unlikely that the spamming outfit had achieved 100% success at breaking the CAPTCHA. 
Yet, in the past couple of weeks, I have noticed something that would seem to confirm the theory...&nbsp;<a href="https://circleid.com/posts/82169_yahoo_captcha_broken_spam" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 16, 2008</li> <li>Comments: 1</li> <li>Views: 13,223</li> </ul> </div> <h3><a href="https://circleid.com/posts/82311_microsoft_yahoo_buyout_anti_span">Microsoft&#8217;s Offer to Buy Yahoo: An Anti-Spam Point of View</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Last Friday, Microsoft made an unsolicited offer to buy Yahoo for $31 per share, representing over a 50% premium from Yahoo's then-share price. As an employee working for Microsoft in Exchange Hosted Services (i.e. spam filtering), I'd like to comment on this buyout offer. 
Leaving aside the question of whether or not this is a good deal for shareholders and what Microsoft's true motivations are for buying Yahoo (namely, to become the number 2 player in the search market), I'd like to look at it from an anti-spam point of view.&nbsp;<a href="https://circleid.com/posts/82311_microsoft_yahoo_buyout_anti_span" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Feb 04, 2008</li> <li>Comments: 3</li> <li>Views: 15,891</li> </ul> </div> <h3><a href="https://circleid.com/posts/711269_spam_kings_book_review_2">Spam Kings: Book Review (Part 2)</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> I'd like to continue on in my review of the book Spam Kings (read <a href="http://www.circleid.com/posts/711269_spam_kings_book_review_1/">part 1</a>) and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools. I was never a participant on NANAE (news.admin.net-abuse.email; a USENET newsgroup which discusses e-mail spamming), that was before my antispam time. But I was intrigued by its history. 
People would gather together and discuss spammers and tools for stopping them, and sometimes spammers would stop by and the flame wars would ensue.&nbsp;<a href="https://circleid.com/posts/711269_spam_kings_book_review_2" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 26, 2007</li> <li>Comments: 1</li> <li>Views: 12,325</li> </ul> </div> <h3><a href="https://circleid.com/posts/711269_spam_kings_book_review_1">Spam Kings: Book Review (Part 1)</a></h3> <div class="byLine">Related Topics: <a href="/topics/spam" class="red">Spam</a>,</div> <p> A few months ago, I purchased the book <a href="http://www.amazon.com/Spam-Kings-High-Rolling-Hucksters-Enlargements/dp/0596007329/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1195890495&sr=8-1">Spam Kings</a>, but only recently managed to get around to reading and finishing it. In case you've never read it, it chronicles the stories of some spammers and the anti-spammers who fought them. These anti-spammers are not people like myself in industry; rather, they are users who have received spam who hunt down the source of the spam and work to bring them down.&nbsp;<a href="https://circleid.com/posts/711269_spam_kings_book_review_1" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Nov 26, 2007</li> <li>Comments: 0</li> <li>Views: 11,144</li> </ul> </div> <h3><a href="https://circleid.com/posts/7101914_spammers_tactics_recipient_verification">Do Spammers Change Their Tactics Based on Recipient Verification? Yes, They Do</a></h3> <div class="byLine">Related Topics: <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Or, to be more precise, it sure looks like they do. 
I wrote on another <a href="https://blogs.msdn.com/tzink/archive/2007/10/15/publicly-available-spam-tool.aspx">post</a> on a publicly available spam tool, and I mentioned that I came across a page that allowed people to verify whether or not an email address is actually live. The question naturally arises: do spammers clean up their email contact lists based upon whether or not the address is legitimate? Spammers would have an incentive to do this... Do we actually observe spammers changing their sending patterns? I believe that we have evidence that they do.&nbsp;<a href="https://circleid.com/posts/7101914_spammers_tactics_recipient_verification" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Oct 19, 2007</li> <li>Comments: 1</li> <li>Views: 11,900</li> </ul> </div> <h3><a href="https://circleid.com/posts/782012_spammer_get_around_spf">How Spammers Get Around SPF</a></h3> <div class="byLine">Related Topics: <a href="/topics/dns" class="red">DNS</a>,&nbsp; <a href="/topics/domain_names" class="red">Domain Names</a>,&nbsp; <a href="/topics/email" class="red">Email</a>,&nbsp; <a href="/topics/spam" class="red">Spam</a>,</div> <p> Sender Policy Framework (<a href="http://en.wikipedia.org/wiki/Sender_Policy_Framework">SPF</a>) stops novice spammers but not the professionals, says Spammer-X, a retired spammer who has gone into a lot of the details in his book, <em>"Inside the Spam Cartel"</em>. The best way to beat SPF is to join it... First, Joe Spammer rents a dedicated spam host in a spammer-friendly location, like China. Next, he registers 100 domain names, and each domain is registered under a fake name and address. 
Next, DNS entries for each of the hosts are set up, including a valid pointer record (PTR), an MX record and reverse DNS entries for each domain...&nbsp;<a href="https://circleid.com/posts/782012_spammer_get_around_spf" class="red"><span class="readmore">more</span></a> </p> <div class="postInfo pipedLinks"> <ul> <li>By&nbsp;<a href="https://circleid.com/members/2859" class="blue">Terry Zink</a></li> <li>Aug 20, 2007</li> <li>Comments: 6</li> <li>Views: 33,538</li> </ul> </div> </div> </div> </div> </div>
<div class="clear"></div> </div> <div id="footer"> <div id="footerContent"> <div style="float:left;"> <a href="/"><img src="/images/circleid.svg" border="0" style="width:140px;opacity: 0.9;" /></a><br /> <p style="font-size:14px;padding:11px 0 15px 0;margin:0;">A World-Renowned Source for Internet Developments. Serving Since 2002.</p> </div> <div style="float:right;"> <p style="font-size:12px;padding:0 0 10px 0;margin:0;line-height:1em;text-align:right;letter-spacing:0.05em;">FOLLOW</p> <a href="https://x.com/circleid" class="socialIcon"><i class="fa-brands fa-square-x-twitter"></i></a> <a href="https://www.facebook.com/circleid/" class="socialIcon"><i class="fa-brands fa-square-facebook"></i></a> <a href="https://www.linkedin.com/company/circleid" class="socialIcon"><i class="fa-brands fa-linkedin"></i></a> <a href="http://feeds.circleid.com/cid_master/" class="socialIcon"><i class="fas fa-rss-square"></i></a> </div> <div id="links" class="clear"> CIRCLEID: &nbsp; <a href="https://circleid.com/about">About</a> &nbsp;|&nbsp; <a href="https://circleid.com/about/contact">Contact Us</a> <br /> SECTIONS: &nbsp; <a href="/">Home</a> &nbsp;|&nbsp; <a href="https://circleid.com/topics">Topics</a> &nbsp;|&nbsp; <a href="https://circleid.com/blogs">Featured Blogs</a> &nbsp;|&nbsp; <a href="https://circleid.com/news">News Briefs</a> &nbsp;|&nbsp; <a href="https://circleid.com/industry">Industry Updates</a> &nbsp;|&nbsp; <a href="https://circleid.com/community">Community</a> <br /> TERMS OF USE: &nbsp; <a href="https://circleid.com/about/codes">Codes of Conduct</a> &nbsp;|&nbsp; <a href="https://circleid.com/about/privacy">Privacy Policy</a> &nbsp;|&nbsp; <a href="https://circleid.com/about/terms">Terms of Use</a> <br /><br /> Copyright &copy; 2002-2025 CircleID. All rights reserved unless where otherwise noted. 
</div> </div> </div> </body> </html>
