Brian Krebs posted his usual “Patch Tuesday” update for Fat Tuesday (yesterday, February 13th) and listed in there was a doozy, an email-client specific bug that I almost missed: “CVE-2024-21413, a critical remote code execution bug in Microsoft Office that could be exploited just by viewing a specially-crafted message in the Outlook Preview pane.” Brian points out today: “Microsoft has updated its security advisory for [this] critical Outlook bug they patched on Tuesday: They’re now saying it’s under active attack.” Not good. Be safe, and make sure you’re up to date with latest versions and all security patches!
Brian Krebs has a grand writeup on the new ICANN thingy (technical term) meant to help folks standardize requests for access to WHOIS data via a new “Registration Data Request Service” process. I’ll let Brian give you his good overview and history of what happened to WHOIS data (grr, GDPR!) and the negative impact it has had on good guys trying to track and stop bad guys. But at the end of the day, I have to express my doubt that it will actually result in additional meaningful access to WHOIS data. Registrars can opt-out, and there’s nothing here compelling a registrar to respond to certain requests in a certain way. This whole RDRS standardization could just make it easier for registrars to ignore data access requests. So…what was the point of this again? Read it here: ICANN Launches Service to Help With WHOIS Lookups
IPv4 IP address space is just about used up, as the unused pool of IP addresses waited to be doled out is no more. And practically speaking, almost all email sending lives in IPv4 space. (That’s an oversimplification — a few ISPs do support it, but frankly, I would not call it broad.) I’d even say that most email sending platforms – email service providers (ESPs), customer relationship management (CRM) software, Marketing Clouds, email automation tools and the like, very few of these support sending mail over IPv6. So when it comes to email and email deliverability, the discussion is almost singularly about IPv4. Spammers and scammers need lots of IP addresses. Throughout the modern history of email, most spam filtering and blocking of badness was based on identifying that badness at the IP address level. Meaning bad guys doing bad things with an IP address find it blocked and
Apologies for the clickbait headline! I couldn’t resist. My intent is to deceive, but only slightly. What is this all about? I was just reading Brian Krebs and his excellent recent reporting, summarizing and analyzing of data from The Interisle Consulting Group, which shows that domains in the “.us” TLD are amazingly prevalent in BEC (business email compromise/aka “phishing”) scams.What this has to do with deliverability is this: while in theory deliverability based on domain reputation is based on the send stats linked to your domain name, your choice of domain can indeed matter to some degree, because spam filters react to what they see. Some might do so with bayesian filtering, some might be manual rulesets updated by a person, or it could be some fancy new artificial intelligence coming to take our jobs someday (yay, Skynet!) — but any of them could, and some likely will, treat mail from domains
Esteemed security journalist Brian Krebs reports on a new software-as-a-service just for bad guys. Need a bunch of email address to verify new fraudulent accounts for different services? This service has got you covered. Click on over to Krebs on Security to learn more.(I’m having too much fun with the blank-faced hacker stock photo! Thanks, Geralt.)
It’s always good to take another look at email functionality through a security lens. Head on over to Krebs on Security to check out “The Security Pros and Cons of Using Email Aliases,” by the man himself, Brian Krebs. (And a side note to Brian: DALL-E can be great help and a bit of fun if you’re struggling to figure out what kind of graphic to include in a new blog post!)
There’s a term you don’t hear every day: electronic mail fraud. Apparently it’s just one of a litany of charges brought against four employees of a company called Adconion. Per Brian Krebs: “The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive.”What we have here are (alleged) bad guys (allegedly) engaging in fraud to obtain big chunks of IP addresses which were then (allegedly) used to send (alleged) spam. Yuck.Bad guys ruin everything for the rest of us. One of the big reasons ISPs and MBPs are suspicious about mail from IP addresses with no significant mail history is probably because of garbage like this. Using large swaths of IP address space (more than 65,000 IP addresses) and attempting to evade spam