Author Archives: Thomas

How Email Administrators Can Improve Authentication Security

The previous articles about authentication attacks focused on how an end user identifies and protects themselves from authentication attacks. But what about protecting the server itself, and all user accounts, from such attacks? This article goes over what can be … Continue reading

Posted in Informative | Tagged , , , , , , , , , , , , , , | Leave a comment

What is an Authentication Attack

“My account has been hacked!” It’s probably not the first time that you’ve heard those words, but what exactly does it mean for your account to be hacked? I’m not referring to cases where your Ex guessed your password and … Continue reading

Posted in Informative | Tagged , , , , , , | Leave a comment

Blocklists are for more than just Spam

Blocklists, also known as Real-time Blackhole Lists (RBL) or Domain Name System-based Blackhole Lists (DNSBL), have historically been used to reject or flag email. This is typically done by checking whether the IP address of the sending mail server is … Continue reading

Posted in Uncategorized | Tagged , , , , | Leave a comment

Trends in Networks: Spam #19

What else can be said about the Freenom and .xyz TLD abuse on Digital Ocean at this point. Perhaps it is time to just accept that email from these TLDs should never be accepted from the Digital Ocean network. Feb26 … Continue reading

Posted in Informative | Tagged , , , , , , , , , , | Leave a comment

Trends in Networks: Spam #18

It’s a shame that such simple fixes can’t or won’t be done by a company to make the world a better place. I wonder if the money is really worth knowingly turning a blind eye to malicious activity, activity that … Continue reading

Posted in Informative | Tagged , , , , , , , , , , , | Leave a comment

Trends in Networks: Spam #17

Never ending freenom and xyz TLD spam continues on Digital Ocean. A big burst came in on Valentines day from these newsgood.xyz domains. Feb12 159.65.97.208 x1 box.hasferst.xyz 164.90.222.36 x7 ocean.heurlin.xyz 167.71.236.182 x20 mail.gizmospace.ml Feb13 104.248.198.228 x1 box.tspsonghericeltd.xyz 188.166.212.60 x2 mail.granti.xyz … Continue reading

Posted in Informative | Tagged , , , , , , , , , | Leave a comment

Trends in Networks: Spam #16

Some more throwaway freenom and xyz domains spamming on the Digital Ocean networks. I’m slowly working on expanding this report to more networks, just have been pretty busy with everything else going on. These actors have been shooting out this … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #15

Back at it again with some more throwaway domains from our old friends. Amazing how we can always count on spammers to persist like cockroaches. Still no sign of this spam activity stopping since we’ve last reported in December, and … Continue reading

Posted in Informative | Tagged , , , , , , | Leave a comment

Trends in Networks: Spam #14

The last few weeks have been quite interesting for us researchers. Unfortunately that ‘interesting’ stuff delayed a bit of our social media efforts. Digital Ocean abuse is now stronger than ever. We would hope to see a reduction in these … Continue reading

Posted in Informative | Tagged , , , , , , , , , | Leave a comment