email | Page 2


Email has been in the news a lot lately, occasionally regarding phishing and recent attacks, but more often as a persistent talking point in the run up to 2016 Presidential elections. Politics aside, though, email is a sticky wicket. It's used almost universally in enterprise settings in both business and the public sector. But consider the fun, geeky issues here. What are the implications when an e-mail is sent and it contains nothing classified or sensitive, but it becomes classified months later? Even better, let's say it's a lengthy... [Read More]
by RSS Evan Schuman  |  Oct 08, 2015  |  Filed in: Industry Trends
A few weeks ago, we received a file that was being spread as an attachment in a spear phishing email. The sample, which we are detecting as W32/Byanga.A!tr, turns out to be a dropper for a bot which, if active in an organization’s system, has the capability to perform malicious activities that can be very damaging to the targeted organization. This post discusses what this particular malware can do. The Dropper The dropper used a Chinese file name, which translates to “Upcoming Events Schedule”.  It also uses a Microsoft... [Read More]
by RSS Margarette Joven  |  Jan 14, 2015  |  Filed in: Security Research
A recent news article described email as the undying "cockroach of the Internet". To validate this statement, seeing some of the Android malware samples I've analyzed recently, malware authors might share that sentiment. In 2013, we saw the first Android botnet variant that used email as a means to 'call home'. However, over the past few months there has been a surge in the number of samples discovered that follow suit (thanks to Crypto Girl for the observation). The table below lists all such variants we've seen so far : Variant Name Date... [Read More]
by RSS Ruchna Nigam  |  Sep 15, 2014  |  Filed in: Security Research
A: Email is totally insecure. Despite this fact, it is relied upon for some of our most critical personal and business communications. Circa 1980, The Simple Mail Transfer Protocol (SMTP) was designed without even a glimmer of what the internet would become. Security was not as paramount a concern as it is now; it never made it into the protocol. Changing this has been an uphill struggle due to the sheer number of mail servers and users who rely on them. Even today, by default, email is sent in plain text (if both servers do not already use... [Read More]
by RSS Carl Windsor  |  Nov 14, 2013  |  Filed in: Security Q & A
In the spirit of all the ghosts and ghouls that creep through our inboxes every day we posted a short quiz to see just how savvy our audience was at identifying phishing emails. The results are in and we cannot deny that we are slightly amused. We would like to thank everyone who participated, all 295 of you. The Results: The beginning of the quiz separated each respondent into one of 3 groups: -Absolute beginners -Your average netizen -Veteran security professionals As expected, the veterans scored just a little bit better than everyone else,... [Read More]
by RSS Michael Perna  |  Nov 12, 2013  |  Filed in: Industry Trends
Advanced Persistent Threats (APTs) usually start off with using a common tactic, which is through a spear phishing email. Disguised as coming from a well-known organization, the email certainly draws the user's attention, as seen in the one that I've recently received. Figure 1: Spear phishing email The unsuspecting user may open up the attached ZIP file and double click the extracted file, which turns out to be malware. This particular malware, which we detect as W32/Bublik.BDYG!tr, is found to be a simple downloader which is relatively small... [Read More]
by RSS Danny Choi  |  Oct 28, 2013  |  Filed in: Security Research
A: Reset your password and security questions, run a virus scan, and hope for the best. Beyond the basics, there are a few more considerations when your Gmail (or any other account for that matter) has been breached. Google offers two-factor authentication, enabling this should be one of your first steps. Two-factor authentication requires anyone logging into your account to not only know your username and password, but also retrieve a time sensitive token. This security token is usually a 5 digit number sent to your cell phone or your... [Read More]
by RSS Michael Perna  |  Oct 04, 2013  |  Filed in: Security Q & A
Spear phishing attacks are increasing today and the FBI has even issued a warning to the public due to its ability to target multiple organizations. Such attacks are considered as a part of APTs (Advanced Persistent Threats), which attempt to gain a foothold in the network of an organization. Recently, my email inbox has received two spam emails with suspicious attachments. A screenshot of one of the emails can be seen below: Figure 1: Spam email. I have collected the attachments of the two emails and found that they are the same file, which... [Read More]
by RSS Danny Choi  |  Aug 27, 2013  |  Filed in: Security Research
Many security and technology writers have had similar thoughts as this author has in regards to Yahoo's plan to recycle inactive email addresses (my previous post is here if you'd like to take a look). In response to Mat Honan's of Wired query to Yahoo for more comment, Yahoo made the following statement: "Our goal with reclaiming inactive Yahoo! IDs is to free-up desirable namespace for our users. We're committed and confident in our ability to do this in a way that's safe, secure and protects our users' data. It's important to note that the... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends
Yahoo announced last week that they're going to release what may be hundreds of thousands of inactive or unused @yahoo.com email addresses starting next month. While on the surface this seems like a good idea, it's really not. Here's a personal story that shows what can happen when a company decides to recycle unused email addresses: I had a friend years ago who wanted to sell some things on eBay, but was absolutely flummoxed as to what to do. So I walked her through the whole process. When it came to accepting payments, she asked if she could... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends