funsec mailing list archives

Re: Comcast censors the Bible


From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 22 Oct 2007 19:42:34 +1300

rms () computerbytesman com wrote:

> > They are currently out of fashion.
>
> Yep, I just checked my junk email folder and there are only a few messages
> with attached files containing malware.  ...

_AND_ (assuming you do not have incoming scanning and/or filetype 
blocking policies) a sizable chunk of those will be "old" malware -- 
Netsky, Swen (I just got one, tho haven't seen one for many months or 
four in more than a year) and the like.

> ...  The situation has changed in the
> last 6 to 12 months.  I was amazed the last time I checked how many
> malware-laden messages I had.  It was as if the bad guys hadn't heard
> about the Outlook executable blocker.

As Toralv has noted, they _did_ notice, and they also noticed that a 
lot of corporates had a "no .EXE attachments... well unless the sender 
and receiver are sophisticated enough to know about ZIP/UNZIP'ing them" 
rule.  As a result several much-larger-than-folk-had-become-comfortable-
with outbreaks using .ZIP attachments (the only natively-supported 
archive format in Windows the malware authors seem to know about) saw a 
lot of corporates arbitrarily block .ZIP files, or at least seriously 
tighten their "except in .ZIP archives" rules.

Subsequently the botnets these folk had been building up got so huge 
and sufficiently advanced that they could leverage the botnets in the 
ways I described in an earlier message.


Regards,

Nick FitzGerald
