It's been a bit, but this week with so many of the team on holidays, I
guess it is on me to post an update.. Things that we are seeing..
* Increase of Japanese servers with Email compromises
* Zimbra BEC continues to rise, and with the latest CVE, will expect
more but it is of course sad to see so many governments and
enterprises having trouble addressing this. Same IPs utilized over
and over. STARK Industries and Serverion are common sources.
(Have to self promote here, PLEASE start using SpamRats
RATS-AUTH/NULL for IP reputation at the AUTH layer)
* Salesforce still having the same problem for a couple of weeks, same
actors, even the same source emails.. Fake quote requests, UAE
petroleum companies
* NameCheap still having the same problem with compromises, via their
webmails, pretty wide spread. Pfizer themed phishing/malware. Going
on for weeks now.
* HotMail affiliate spammers using 'Calendar Invites' for spam.
* Resurgence of compromised Wordpress spammers
* Digital Ocean (if you haven't blocked them already) continues to
be the biggest source of Brazilian bank phishing.
* Increase in Vietnamese threat actors
* SharePoint phishing campaign increased again
* Increase in .rar attachments, not surprising with the recent news
about windows vulnerability.
* GoogleGroups spam continues to get WORSE..
It continues to be a battle, but overall the traditional spammers are
still getting IP space, seems that even the historically 'good' hosting
companies are throwing in the towel lately, and letting any one on board
I mean, you have to show growth right? And the other companies that
allow the bad guys to operate, don't see to see any ramifications.. so
why not? Right?
But the trend of phishing and malware continues to grow. Keep your head
down, remember to use IP reputation as your first line of defense.
But there is definitely a trend, maybe because of recent economic, or
global events, that we see a lack of energy and resources being put into
network security, across the board. So sad that we hear it is hard for
those interested in cyber security to break into the field.
Hope you enjoyed today's report.
-- Michael --
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
