Attacks/Breaches
5/31/2007
08:55 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Spamless in Seattle

My spam filter didn't get the memo

4:55 PM -- The mood of the anti-spam community today was downright giddy with the arrest of the "Spam King." Gloating law enforcement officials promised an instant decrease in spam.

But from the looks of my spam volume today, the notorious Robert Soloway must not have been spamming my inbox, anyway.

That seems a bit odd, though, since he and his empire were reportedly sending out billions of spam messages every day. And he wasn't exactly subtle -- he was well-acquainted with Microsoft Corp. (Nasdaq: MSFT)'s legal team and others through lawsuits, and until he was arrested yesterday, he lived an openly lavish lifestyle on the Seattle waterfront. But he showed up in court wearing loafers without socks, one report said, apparently claiming he has no money.

Yeah, and I have no spam in my inbox.

Researchers and investigators had set their sights on Soloway for a few years, so it was only a matter of time until the money trail led them right to him. But while they were giving high-fives and patting one another on the back for snaring one of the most notorious spammers today, it was still business as usual for the rest of the spam underworld.

Well, gotta run and claim my "winnings" from that email I got today -- now that Soloway is off the streets, it's much safer.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web