I'll be speaking next week at the #M3AAWG General Meeting in Vancouver! Come see my talk, "User Safety Is Hard to Find," Thursday at 2pm - and say hi if you pass me in the hallway!

https://www.m3aawg.org/upcoming-meetings

How Phished Data Turns into Apple & Google Wallets

https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets/

#CSISSecurityGroup #AllAboutSkimmers #ALittleSunshine #TheComingStorm #AndyChandler #ThreatFabric #WebFraud2.0 #FordMerrill #SecAlliance #GrantSmith #Resecurity #ghosttap #iMessage #smishing #google #M3AAWG #apple #ZNFC #RCS

Nathan Alan and Mark Robertshaw were in Vienna last week at the M3AAWG event presenting on AI and DNS Abuse. Great to catch up with colleagues to continue conversations on DNS Abuse. Even had some down time to explore the beautiful palace in Vienna!

https://dnsrf.org/news/dnsrf-highlights--ai-and-dns-abuse-presentation-at-m3aawg-in-vienna/index.html

#M3AAWG #DNSAbuse #TrustChecker

Is Port 25 on your network restricted? If not, why not? We are seeing an increasing number of issues arising from ISPs leaving Port 25 open, and we would like to understand why this is happening?

Want to know more about why you should restrict port 25?

👉 See our FAQs: https://spamhaus.org/faqs/policy-blocklist-pbl/#why-is-port-25-for-email-transmission-no-longer-widely-supported

👉 Read the
@M3AAWG
's best practice on how to manage Port 25: https://m3aawg.org/sites/default/files/managing_port_25_2023.pdf

Want to discuss this further? If you're at #M3AAWG this week, connect with one of the Spamhaus team, or please reach out to use via this social channel.

#ClosePort25 #BestPractice

💡 "Policymakers generally don’t seem to appreciate that most damage is inflicted within a few hours of the onset of a cyberattack."

We caught up with Dave Piscitello to get his insights from INTERISLE CONSULTING GROUP, LLC's recent study into supply chains used by cybercriminals - from changes to policy, trends, to cheap TLDs - learn more here 👇
https://www.spamhaus.org/resource-hub/cybercrime/trends-policy-and-cheap-tlds-an-interview-with-dave-piscitello/

Look out for Part 2, which will be published tomorrow!

#M3AAWG #APWG #CAUCE #Interisle #CyberCrime #Cybersecurity

New report from #M3AAWG

DNS Abuse Prevention, Remediation, and Mitigation Practices for Registrars and Registries

http://www.m3aawg.org/DNSAbusePreventionRegReg2024

The report shares findings and recommendations from our Interisle Criminal Abuse of Domain Names and Phishing Landscape 2020 reports. In particular, they emphasize the important role that registries and registrars must play to mitigate cybercrimes and attacks that exploit bulk domain registrations.

#spam #malware #phishing #dns #cybercrimeprevention

https://interisle.net/sub/CriminalDomainAbuse.pdf
https://www.interisle.net/PhishingLandscape2020.pdf

Good Monday all...

Today we've released a study,

Cybercrime Supply Chain 2023:
Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them

https://interisle.net/CybercrimeSupplyChain2023.html

The major findings of the study are:

• 5M domains identified as serving as a resource for cybercrime.
• 1M domains reported for spam activity were registered in new gTLDs.
• 500,000 subdomain hostnames reported for serving as resources for cybercrime.
• 1.5 million domains exhibited characteristics of malicious bulk domain registration behavior.
• Exact matches of a well-known brand name were used in over 200,000 cybercrime attacks.
• The US had the most IPv4 addresses serving as resources for cybercrime activity. China, India, Australia, and Hong Kong rounded out the top 5.

Summary: Reactive efforts currently employed by the domain name and hosting industries, governments, and private sector organizations cannot curtail cybercrime and the harms it inflicts on Internet users.

In the report, Interisle recommends measures that policy regimes, governments, service providers, and private sector working together can implement to disrupt the cybercrime supply chain.

The study was sponsored by the #APWG, #CAUCE, and #M3AAWG.

#cybercrime #spam #malware #phishing #dnsabuse

The Internet Last Week

* VNC average signals volume rising
https://dataplane.org/statistics/vncrfb.html
* APRICOT 2023 / APNIC 55
https://2023.apricot.net/program/schedule
* DNS Root server prefix hijacks
https://twitter.com/leftman76/status/1629393174631178242
https://twitter.com/leftman76/status/1629712761667170304
* Dish Network outage
https://www.bleepingcomputer.com/news/security/dish-network-goes-down-in-a-mysterious-outage-employees-cut-off/
https://www.theverge.com/2023/2/24/23613737/dish-outage-internal-system-issue-boost-mobile-genesis
* M3AAWG 57th
https://www.m3aawg.org/upcoming-meetings
#VNC #APRICOT #APNIC #DNS #DISH #M3AAWG

I got #ChatGPT to write my last newsletter. It saved me a lot of time, but the Open Rate and Click Through Rate are slightly lower. May be because of the long weekend here in the USA? Can AI help write better engaging emails?

Check it for yourself: http://eepurl.com/ik62ab

Leave me your comments.

I feell one area which is missing is authenticity. This is very important in art, “to be yourself”.

#music #ai #emailmarketing #m3aawg #emaildeliverability #machinelearning #musicbusiness