This morning I received the first two spams to the address of mine that was compromised during the Epsilon compromise back in April. Actually, I received two of them. One was the “standard” Adobe phish email. The other was similar but referenced Limewire instead of Adobe. Have you heard the big news? Limewire has shut down for good. Want to know what other people are using as their...
Be on the lookout
I’m hearing more rumors of ESPs seeing customer accounts being compromised, similar to what happened with The Children’s Place. Experian CheetahMail identified an isolated incident in which someone used a valid client user ID and password to gain access to the client’s email account and transmit an unauthorized and unlawful email. To recipients, the email appeared as a solicitation...
Another security problem
I had hoped to move away from security blogging this week and focus on some other issues. But today I see that both CAUCE and John Levine are reporting that there is malware spam coming from a Cheetahmail customer. Looking at what they shared, it may be that Cheetahmail has not been compromised directly. Given mail is only coming from one /29, which belongs to one customer it is possible that...