Was wondering how many get spam as PDF attachments now, most companies anti-spam mechanisms wont detect it.
I get > 10 of them a day.
My earlier intution was to consider there might be a new exploit about. So I went searching for clues and came across Nick Kelly’s (McAfee) blog post from earlier today, but it turns out that scammers are turning to PDFs because sending spam as an image file makes it easier for spam filters to stop the unwanted mail.
It may sound a little wierd, but rightly described as Modern day Robin hoods in a article on newsday.com stealing online credit card information to may charity payments
Some fraudsters have become generous — with other people’s money, donating to charities with stolen credit cards to verify the numbers are valid before selling them, the security firm Symantec Corp. said Friday on its blog.
Unverified cards fetch up to $6 while verified cards can bring up to $18, said Javier Santoyo, a manager at Symantec. “Even the bad guys want to verify the other bad guys.”The verification method has become popular because the monitoring software at credit-card companies may not question donations to charities, according the Symantec blog. Santoyo said the schemers usually donate less than $10.
Last month alone, the Red Cross refunded 700 fraudulent credit-card transactions, Martin said. That figure doesn’t include the transactions the charity blocked because they appeared fraudulent.
Most wont go to court for a $10 transaction even if the e-thieves did it …. what you you think ?
Internet SecurityMetasploit announced the immediate free availability of the Metasploit Framework version 3.0 from http://framework.metasploit.com/.
The Metasploit Framework (”Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits 104 payloads 17 encoders and 3 nop modules. Additionally 30 auxiliary modules are included that perform a wide range of tasks including host discovery protocol fuzzing and denial of service testing.
Metasploit is network security professionals favourite tool to perform penetration tests, system administrators to verify patch installations product.
Internet SecurityMetasploit announced the immediate free availability of the Metasploit Framework version 3.0 from http://framework.metasploit.com/.
The Metasploit Framework (”Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits 104 payloads 17 encoders and 3 nop modules. Additionally 30 auxiliary modules are included that perform a wide range of tasks including host discovery protocol fuzzing and denial of service testing.
Metasploit is network security professionals favourite tool to perform penetration tests, system administrators to verify patch installations product.
there is a Metasploit framework module to test the Windows Vista ANI vulnerability too 
More about the ANI vulnerability or Blue Jacking in the next post.
Search-engine marketing solves a basic need of connecting potential buyers to sellers, but until recently, it has lived a low-profile life in the media and advertising world.
Statistics
1.About 80% of internet traffic begins at a search engine, according to Harris Interactive,
2.DoubleClick reports 41% of web users use search for simple navigation, typing a query to find a brand rather than typing a URL directly into their browser
3. Search Engine Marketers Spent $5.75 Billion in 2005, According to the Search Engine Marketing Professional Organization (SEMPO)
4.The latest figures from Forrester indicate search marketing will be a $7 billion business this year.
The rise of search engine marketing has seen a rise in frauds. We have mentioned some of these latest threats.
CafePress.com, which provides online stores for thousands of blogs and web sites, has been hit with a distributed denial of service attack (DDoS) which has disrupted service for many of its merchants during the critical final shopping days before Christmas. (more…)