Attacks/Breaches
10/31/2007
02:59 AM
50%
50%

MX Logic Filters Attachment-Based Spam

MX Logic adds a new layer to its security filtering process

ENGLEWOOD, Colo. -- MX Logic, Inc., a leading managed security service provider, today announced the deployment of an anti-spam filter that specifically targets any attachment-based spam variations. The new Deep Content AnalysisSM filter is the latest advancement to the MX Logic Stacked Classification Framework® spam detection system, which is powered by patented technology and combines the most effective spam-fighting filters and techniques in the industry.

PDF (Adobe Portable Document Format) spam is the first variation of attachment-based spam addressed by the new filter, which is now in place to protect all businesses with the MX Logic® Email Defense Service. In PDF spam, spam content is embedded within attached .pdf documents instead of within the body copy of the message. Unlike any other solution on the market, the Deep Content Analysis filter allows all email attachments to be treated holistically and therefore enables MX Logic to analyze these messages in their entirety to determine if the email and/or the attachment contains spam or malware before they reach the customer’s network.

“At the height of the PDF spam outbreak, we were seeing PDF spam comprising between 10 to 15 percent of the overall spam volume with spikes up to 30 percent,” said Sam Masiello, director of threat management at MX Logic. “The shift caused by the increase in PDF spam was just the first wave of what we expect to be the next evolution of email-borne threats. In fact, as image spam volume continues to decline we believe attachment-based spam will take its place and greatly increase. So, we have created the Deep Content Analysis filter, further advancing our Stacked Classification Framework spam detection system, to respond to this threat.”

MX Logic Inc.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.