Fake Pizza Hut “Free Pizza” Coupons Latest Malware Threat

Wed, Oct 29, 2014 by Andrew Conway

Starting on October 28, we saw a new hook used to try and trick users into installing a Trojan on their computer – Free Pizza. Fans of Robert Heinlein will be familiar with the acronym TANSTAAFL – There Ain’t No Such Thing As A Free Lunch. In this case TANSTAAFPE – There Ain’t No Such […]

#Lawlipop: Android’s Latest Security Intiative

Tue, Oct 28, 2014 by Tom Landesman

Just the act of Googling “Lollipop security” is reason for pause – who knows what surveillance list that might trigger? But do so and you’ll discover that the presumably amply insured head of Android security doesn’t bother locking the front door to his urban San Francisco home. As Seth Rosenblatt of CNET reports, the exact […]

Cloudmark’s 3Q 2014 Security Threat Report

Thu, Oct 23, 2014 by Cloudmark

This quarter we investigate knock-off designer goods pitched by way of Apple iMessage’s first major spam campaign, examine the curious patterns of sub-domains generated for by DNS resource exhaustion attack, discuss the popular Peter Pan attack, and more trends in Cloudmark’s Q3 2014 Security Threat Report. On-going since last quarter, iMessage has been hit with the […]

The Snappening: Mostly Harmless

Mon, Oct 20, 2014 by Andrew Conway

As I reported in a previous post, the hacked SnapChat collection known as the Snappening contains very few nude photos, and most of those do not show an identifiable face. I was asked to quantify this, so I took a random sample of 1,000 photos from the collection and categorized them. To respect the privacy […]

The Snappening: Another Hoax?

Sat, Oct 11, 2014 by Andrew Conway

The media are full of reports of a vast leak of private photos and videos that were sent using the SnapChat application. However, it’s looking increasingly likely that they have been taken in by a scammer, and that the actual leak consists of a handful of videos, very few of them compromising. Starting on Thursday, […]

A DNS cache-busting technique for DDOS-style attacks against Authoritative Name Servers

Tue, Oct 07, 2014 by Emmet Cassidy

During the course of a recent analysis of DNS traffic at a customer site, I noticed a high volume of requests had been made for a relatively small set of domains. As it turned out, the traffic was part of an attack on the customer’s DNS infrastructure; however, the point of these requests was initially […]

DNS Gang Wars of the Wild Wild East

Tue, Oct 07, 2014 by Tom Landesman

What does running the DNS infrastructure of a major ISP have in common with operating an online gambling site based in China? If you are running DNS operations of any scale then you are almost certainly participating in a world wide racketeering campaign specifically targeting online gambling sites, many of which operate out of China […]

DNS Tunneling (Ab)Uses

Tue, Oct 07, 2014 by Tom Landesman

Abuse of global DNS infrastructure for the purpose of distributed denial-of-service (DDoS) attacks on various Internet services has been a hot topic in the news for some time now. But there is another unintended use of DNS that can be exploited for a wide range of purposes: DNS tunneling. These purposes can range from benign […]

BitTorrent Sync is the Preferred Method for Sharing Stolen Celebrity Photos

Mon, Oct 06, 2014 by Andrew Conway

As a fourth wave of stolen celebrity nude photos and videos is being distributed on the Internet, lawyers for some of the affected celebrities are suing Google for making it too easy to find their stolen images. However, the more savvy voyeurs are not using Google to search for the latest leaks, they are simply […]

True Names and Identity on the Internet

Wed, Oct 01, 2014 by Andrew Conway

As received by: Transceiver Relay03 at Relay Language path: Firetongue->Cloudmark->Triskweline, SjK units [Firetongue and Cloudmark are High Beyond trade languages. Only core meaning is rendered by this translation.] From: Arbitration Arts Corporation at Firecloud Nebula [A High Beyond military[?] organization. Known age ~100 years] Subject: Reason for concern Cloudmark took its name from a language […]

Learn More About Cloudmark
Our Products
News and Events
Site Map  •  Privacy Policy  •  ©2002–2014 Cloudmark, Inc.