close
  • Sp chevron_right

    Vegan spam? Again? I can't even.

    pubsub.slavino.sk / spam_resource · 2 days ago - 12:00

This isn't the first time I've blogged about vegan SPAM , which is a sentence I never thought I would write. But here we are, and it's making my brain hurt.

From VegNews: "Hormel Foods Corporation—known best for its canned meat product SPAM—is developing new plant-based meat alternatives. Under an exclusive partnership with food-technology company The Better Meat Co., Hormel’s venture company 199 Ventures will work to bring new plant-based meat products to the market using The Better Meat Co.’s unique fermentation technologies."

Read more about it here . Also, WHUT?!


Značky: #friday, #spam, #silly, #Network, #food

  • Sp chevron_right

    Ask Al: Help! I'm getting bounces for mail I didn't send

    pubsub.slavino.sk / spam_resource · Monday, 27 September - 12:00 · 4 minutes

help2.gif
Help! I'm getting mail from MAILER-DAEMON@(various domains) with subject lines like: Delivery Status Notification (Failure), failure notice, Mail delivery failed: returning message to sender, Message Delivery Failure - Mail Delivery System, **Message you sent was blocked by our bulk email filter**, Recapito fallito, Returned mail: see transcript for details, Undelivered Mail Returned to Sender. These all seem to be bounces back from mail I didn't send. What is happening and how do I make it stop?

In this case, my friend (the person experiencing this pain) owns their own domain name. What's happening here is that spammers are forging email addresses at their domain, using them as from addresses for their unwanted, garbage spam runs, so that bounces back from the spam come to them, because the spammer doesn't care about or want to process bounces.

The good news is, as I mentioned all the way back in 2013 , is that spammers don't tend to fixate on one domain name or email address forever, so they'll probably move on to annoying somebody else shortly. But there are a few things you can do, as a domain owner, to help minimize the chances of having to receive these unwanted bounces:

  • Implement a Sender Policy Framework (SPF) DNS record for your domain name, specifying the IP addresses that are meant to send mail for your domain. Set it to " dash all " -- you want ISPs to know that they should be free to filter mail more harshly if it fails SPF validation checks.
  • Implement DKIM for your email sends. Even at the SMB level, most mail platforms provide instructions on how to configure things so that your email sends will all be authenticated via a DKIM signature. If you can't easily do this, SPF is quite likely "good enough" -- but if you can implement DKIM, you should. In some cases it's going to provide more robust email authentication compared to SPF. (I could spend another six pages diving into why I think that's the case, but in the interest of helping you move on with your life, I'll spare you.)
  • Implement DMARC . DMARC can be a bit scary in that you have to make sure all of the email you send legitimately is authenticated with SPF or DKIM. But, especially at the SMB level, you can do this. It's not hard, and don't let yourself be scared -- there are tools (like the colorful Mail Tester ) that will help you test your email authentication settings to make sure you've got it right. But the key here is that enabling DMARC, with a restrictive policy like p=reject, tells ISPs to block mail that purports to be from you, but doesn't pass SPF or DKIM. You don't HAVE to work with a DMARC monitoring partner to enable DMARC -- you can publish a TXT record for _dmarc.(your domain) that contains nothing more than "v=DMARC1; p=reject;" (without quotes) and that'd do it.

DMARC is the key there. Turning that on means your domain name is no longer going to be useful to deliver spam to ISPs (like Gmail) that will block mail that fail DMARC. It makes your domain name much less palatable as an unauthorized spam sending domain.

Bonus tip: If you own your own domain name and use it for email with something like Google Workspace, there's another setting you should look for and configure: The wildcard or catch-all email setting . It can be handy (and quite useful) to configure your email service to accept mail to any address at your domain -- for example, it can be used to create custom email addresses for different registration forms -- give irs@yourdomain to your accountant and bestbuy@yourdomain to the electronics retailer, so you can track usage and/or turn off an address later, if you want. Unfortunately, if you leave "catch-all" forwarding on, that means if a spammer makes up the address ihateyourguts@yourdomain and sends a bunch of spam, those bounces are going to come back to the "ihateyourguts" address and end up in your inbox. If you turn off the catch-all, that puts a stop to that. I know, it's a bummer to turn off the easy custom address ability, but it's something to consider -- weigh the plusses and minuses of being able to receive mail at any address at your domain, versus the unintended side effects of receiving unwanted "backscatter" bounces.

I helped my friend implement all of these -- including disabling "catch-all" email forwarding (while helping them build a manual list of email aliases to continue forwarding to their main inbox) -- and we think it helped. It's not like we did a scientific study, but the bounces dropped off and disappeared pretty quickly. I think the spammers moved on to greener pastures.

If you're new to all of this and wondering what SPF, DKIM and DMARC DNS records look like, here are the ones for spamresource.com: SPF , DKIM , DMARC . The SPF record contains the IP addresses of a couple of servers I own as well as an include showing that I utilize Google Workspace. The DKIM record (called a DKIM public key) is a DNS string provided by Google Workspace's DKIM configuration tool, and the DMARC record is just a very simple "tell ISPs to reject it if it doesn't pass authentication."


Značky: #forgery, #help, #spam, #Network, #backscatter, #bounces, #spf, #dkim, #dmarc

  • Ar chevron_right

    If you’re getting bombarded with FaceTime group calls, you’re not alone

    news.movim.eu / ArsTechnica · Monday, 15 March, 2021 - 21:17

A middle-aged woman sitting in the kitchen at the glass table

Enlarge (credit: Getty Images )

FaceTime users are getting bombarded with group calls from numbers they’ve never seen before, often as many as 20 times in short succession during late hours of the night.

Griefers behind the pranks call as many as 31 numbers at a time. When a person receiving one of the calls hangs up, a different number will immediately call back. FaceTime doesn’t have the ability to accept only FaceTime calls coming from people in the user’s address book. It also requires all numbers in a group call must be manually blocked for the call to be stopped.

“I got my first facetime spam starting 4 days ago,” one user reported to an Apple support forum earlier this month. “It has been non-stop, over 300 numbers blocked so far. My 3 year old daughter has been accidentally answering them and going on video without a t-shirt on.”

Read 8 remaining paragraphs | Comments

index?i=0jyQ8m2o_yE:PAdScNDEpj0:V_sGLiPBpWUindex?i=0jyQ8m2o_yE:PAdScNDEpj0:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Fo chevron_right

    What Is The Difference: Viruses, Worms, Ransomware, Trojans, Malware, Spyware, Rootkit

    pubsub.do.nohost.me / FossBytes · Monday, 15 March, 2021 - 09:48 · 8 minutes

types of malware

If you are among the people who consider malware, worms, and viruses to be the same thing, then you’re on the wrong track. Malware is an umbrella term for malicious software which includes all sorts of harmful elements like viruses, trojans, ransomware, bots, spyware, etc. So, let’s tell you about them in detail.

Have you ever tried to understand the difference between virus, trojan, worm, spyware, and malware? Even though they are meant to harm your device, steal your data, and spy on you, why are they named so differently? Basically, terms like viruses, trojans are all types of malicious software, or simply, malware.

Now, the first and foremost question arises, from where did the malware come? Who created the first virus?

Clearly, they are not some outer planet species, trying to harm us. In fact, the real truth is that they were not even created with an intention to harm someone.

The mention of malware goes back to 1949 when John von Neumann first developed the theoretical base for self-duplicating automation programs, but the technical implementation was not feasible at that time. The term “Computer Virus” was first used by Professor Leonard M. Adleman in 1981 in a conversation with Fred Cohen.

World’s first computer virus named ‘Brain’ was coded by two brothers, Basit Farooq Alvi and Amjad Farooq Alvi , who were from Lahore, Pakistan. Brain was meant to infect storage media based on MS-DOS FAT file systems. It was originally designed to infect the IBM PC; it replaced the boot sector of its floppy disk with the virus. The virus program changed the disk label to ©Brain and the defected boot sectors displayed this message:

Welcome to the Dungeon (c) 1986 Basit & Amjads (pvt) Ltd VIRUS_SHOE RECORD V9.0 Dedicated to the dynamic memories of millions of viruses who are no longer with us today – Thank GOODNESS!! BEWARE OF THE er..VIRUS: this program is catching program follows after these messages….$#@%$@!!

However, as you may presume, there was no evil intention behind this. Alvi brothers once justified Brain in their interview with TIME magazine; they created the virus only to protect their medical software from piracy. It was their countermeasure against copyright infringement acts.

Coming back to Malware, this is a malicious software designed to harm a computer that may or may not be connected to a network. Malware only gets into action when there is computer hardware involved in the game. Otherwise, the term Malware is of no use.

What are the types of Malware?

What is a Worm?

Worms are malware computer programs which have the ability to replicate themselves. Their sole objective is to increase their population and transfer themselves to another computer via the internet or through storage media. They operate like spies involved in a top-secret mission, hiding their movement from the user.

Worms don’t cause any harm to the computer; their replicating nature consumes hard drive space, thus, slowing down the machine. A couple of the infamous worms are SQL Blaster which slowed the internet for a small period and Code Red which took down almost 359,000 websites.

What is a Virus?

Viruses also have the ability to replicate themselves, but they do damage files on the computer they attack. Their main weakness lies in the fact that viruses can get into action only if they have the support of a host program. Otherwise, they’re just like a defeated warrior. They stick themselves to songs, videos, and executable files and travel all over the internet. W32.Sfc!mod, ABAP.Rivpas.A, Accept.3773 are some of the examples of virus programs.

The Virus Gang (Types of Computer Virus):

  • File Viruses
  • Macro Viruses
  • Master Boot Record Viruses
  • Boot sector Viruses
  • Multi-Partite Viruses
  • Polymorphic Viruses
  • Stealth Viruses

Feel free to Google any one of them if you like.

What is a Trojan?

Trojans are not like viruses or worms, and they are not meant to damage or delete files on your system. Their principal task is to provide to a backdoor gateway for malicious programs or malevolent users to enter your system and steal your valuable data without your knowledge and permission. JS.Debeski.Trojan is an example of Trojan.

Trojans derive their name from the ‘Trojan Horse’ tale in which the Greeks entered the city of Troy with the help of a wooden horse disguised as a gift. But the Trojan turned out to be a sweet poison, as depicted in the movie Troy.

The Trojan Gang (Types of Trojan):

  • Remote Access Trojans
  • Data Sending Trojans
  • Destructive Trojans
  • Proxy Trojans
  • FTP Trojans
  • Security Software Disabler Trojans
  • Denial-Of-Service Attack Trojans

Feel free to Google anyone of them if you like.

What is an Adware?

Adware are used to display advertisements on your computer’s desktop or inside individual programs. They generally come attached with free-to-use software. They are the primary source of revenue for the developers of those software programs.

Adware can’t be entirely described as Malware as they have no intention to harm your machine, they only track what advertisements you’re more interested in viewing and display the relevant ads on your computer screen. For some people, this can be alarming as it’s a breach of their privacy. Also, an attacker can stuff malicious code inside an adware program and use it to monitor users’ machine and even compromise it.

What is Rootkit?

Rootkits are a very dangerous category of malware as they are created with an aim to get remote access to a computer with full administrative privileges. Generally, a rootkit is a collection of different programs that work in a coordinated fashion to gain access and conceal its existence. They are also difficult to stop as they employ additional obfuscation mechanisms to hide their presence on the computer.

What is a Spyware?

Spyware programs also come attached with freeware. They track your browsing habits and other personal details and send it to a remote user. They can also facilitate installation of unwanted software from the internet. Unlike Adware, they work as a standalone program and do their operations silently.

What is a Spam?

You get very irritated when you receive unwanted emails from unknown senders; these are called Spams or junk emails. And the process of flooding the internet with the same message is called Spamming, done for the purpose of commercial advertising. These junk emails may sometimes contain Viruses or Trojans that enter your system as soon as you open the mail.

What is a Bot?

Bots or robots are automated processes that are designed to interact over the internet without the need of human interaction. They can be used for good and bad intentions. An evil-minded person can create a malicious Bot that is capable of infecting the host on its own. After transmitting itself to the host device, a Bot creates a connection with central servers which act as the command centers for the all infected hosts attached to that network called Botnet.

A bot’s skills include stealing passwords, logging keystrokes, analyzing network traffic, relay spam, launching DoS (Denial of Service) attacks, and opening backdoors on infected hosts.

Bots can be seen as the advanced form of Worms. Their infection rate and the tactic is more effective than that of Worms. These malicious Bots are created after a lot of hard work done by their malignant creators.

What is a Ransomware?

Ransomware is a type of malware that can alter the normal operation of your machine. It encrypts the data and prevents you from using your computer partially or wholly. Ransomware programs also display warning messages asking for money to get your device back to normal working condition.

What is a Keylogger?

As its name suggests, keylogger software is used to record the keystroke actions of a computer user. While it may be used for ethical purposes of measuring user behavior and engagement, the term is generally used for software that aims to record such actions without the knowledge of users. With a help of a keylogger, a notorious actor can know your email details, password, credit card details, messages you type, etc.

Why people create malware?

After reading all this, you might be thinking why people create malware. Here are some reasons which might compel a coder to write malware programs:

  • Take control of a person’s computer for personal or professional reasons.
  • To get financial benefits. This also includes hackers raising money for a cause. Last year, we heard about a ransomware attack where hackers were collecting money to feed people. But it doesn’t mean what they were doing was right.
  • To steal confidential data.
  • To prove their point. For instance, by performing a security breach on a vulnerable system.
  • To take down an individual computer or a complete network.

and the list goes on….

How can you protect your computer from malware?

  • Keep your system up to date.
  • Use genuine software.
  • Install an antivirus software and update it regularly.
  • Set-up a firewall, may it be custom as provided by antivirus software. Windows has an inbuilt firewall option in case you don’t want to use a custom firewall.
  • Never open unknown emails that generally reside in your Spam folder.
  • Never open unknown links, use online website safety checker tools if you’re not sure to open a website.

By taking these simple measures, you can effectively keep your machine free from Malware and other potential threats.

The post What Is The Difference: Viruses, Worms, Ransomware, Trojans, Malware, Spyware, Rootkit appeared first on Fossbytes .

  • Be chevron_right

    ZeroSpam

    debacle · pubsub.movim.eu / berlin-xmpp-meetup · Monday, 8 March, 2021 - 20:45 edit

ZeroSpam

We will talk about Spam in the context of XMPP.

Holger (i.a. ejabberd developer and admin of the XMPP provider conversations.im and the instance of Freie Universität Berlin) and Ge0rG (i.a. author of the spam manifesto https://github.com/JabberSPAM/jabber-spam-fighting-manifesto, heavy user of the Prosody module mod_firewall and developer of the XMPP client yaxim) will give talks. MattJ (i.a. author of mod_firewall and Snikket) will join the meetup.

Afterwards, we will discuss the three types of spam: registration spam, presence subscription spam and spam messages (directly or via public group chats).

When? Wednesday, 2021-03-10 18:00 CET (always 2ⁿᵈ Wednesday of every month)

Where? Online, via our channel (xmpp:berlin-meetup@conference.conversations.im?join). A Jitsi Meet video conference will be announced there some minutes before the meeting starts.

See you then!

#jabber #xmpp #spam #chat #freesoftware #prosody #yaxim #jabberspam #snikket #meetup #berlin #community

  • favorite

    3 Like

    Holger Weiß , purplebeetroot , DebXWoody

  • Nu chevron_right

    On a plongé dans le labyrinthe des DM Instagram pornographiques

    news.movim.eu / Numerama · Thursday, 18 February, 2021 - 14:43

Ces dernières semaines, les utilisateurs et utilisatrices d'Instagram reçoivent de plus en plus d'invitations à des conversations de groupe qui renvoient vers des sites pornographiques. La recrudescence de ces spams interroge, notamment sur la capacité d'Instagram à les repérer. [Lire la suite]

Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//

L'article On a plongé dans le labyrinthe des DM Instagram pornographiques est apparu en premier sur Numerama .

  • Nu chevron_right

    La CNIL punit une entreprise accusée de spammer les Français

    news.movim.eu / Numerama · Thursday, 31 December, 2020 - 16:04

Voilà sans doute une information que la Performeclic ne diffusera pas auprès des internautes : la société, accusée de spammer le public, vient d'être condamnée par la CNIL à une amende pour infraction au RGPD. [Lire la suite]

Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//

L'article La CNIL punit une entreprise accusée de spammer les Français est apparu en premier sur Numerama .