Risk
5/14/2013
04:01 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

IceWarp Discovers New Sophisticated Spam Delivery Method

Global messaging and collaborations solutions provider recommends setting a strong password policy

Springfield, VA – May 13, 2013 – IceWarp has discovered a new sophisticated Spam delivery method hackers use to bypass most anti-spam defenses and attack computers worldwide, the global messaging and collaborations solutions provider announced today. According to the company's security experts, the following pattern has emerged: hackers steal email addresses and passwords from the outside nodes, and use this combo to break into a corporate email system.

The recent IceWarp security situation analysis showed that the attackers are exploiting the fact that many users often choose the same password for their social media accounts and corporate email. That negligence opens wide opportunities for hackers even if they are able to get hold of just a few passwords. The recent hack of LivingSocial, a popular daily deals platform, showed that cyber criminals immediately applied stolen passwords to break into corporate email accounts.

"The email address is decomposed into two parts, where the domain part is used to lookup the mail server using its DNS MX record (publicly accessible), and the username authenticates that user to the server," explained Antonin Prukl, IceWarp Technical Director. "Once intruders get access to server, they look into the IMAP folder for the recent emails sent by the account's owner. Then they send spam to these email addresses from the same server."

This tactics makes spam attacks extremely effective, since, in most cases, the hijacked sender is on the recipient's server white list.

"There is nothing suspicious in getting an email from an "approved" sender," notes Mr. Prukl. "Such spam delivery process is almost impossible to detect and stop."

According to IceWarp security team, the only effective countermeasure – a part of strict password enforcement policy - is the technical capability to force users to change passwords at the first signs of such an attack.

"IceWarp administration features make password administration easy," says Mr. Prukl. "All administrators have to do is to force users to change their password when they log on. This can be done with just a few mouse clicks."

More information on IceWarp password policy enforcement capabilities can be found here: http://www.icewarp.com/support/online_help/11.0/Content/485.htm

IceWarp, which is considered one of the world's most secure messaging platforms (its anstispam module is using 20 spam protection techniques) is offering special protection options to ward off sophisticated hackers not available from other vendors. One of them is a special trigger administrators can use to issue a company-wide warning and make user change their password once they log into the system. Additionally, the administrators can enforce the password strength, such as including letters, numbers and symbols.

ABOUT ICEWARP

IceWarp is an emerging provider of comprehensive messaging solutions for every business class, size and niche. Building upon a decade of enterprise e-mail platforms experience, IceWarp offers organizations an all-in-one highly secure solution that enables their mobile workforce to communicate through any platform, be it e-mail, mobile synchronization, chat, SMS, voice or video. The highly scalable product can easily be used by organizations of all sizes, from SMBs to large corporations, delivering ease of deployment, exceptional reliability and scalability. IceWarp's solutions are available in over 40 countries through a comprehensive network of distributors.

A rare exception in the messaging space, IceWarp's architecture is based on universal standards, doesn't depend on any client and supports all mobile devices currently on the market.

The company is also offering other products built on its proven core platform. One is LiveWebAssist, a multilingual business chat that allows companies to better monetize website traffic by interacting live with website visitors, from any location, through any device – desktop, laptop, smartphone or tablet. The other is eVisitCare - the doctor-patient secure email communications system.

Already recognized as a leading email solutions provider and a viable Microsoft Exchange alternative, IceWarp (formerly Merak Mail Server) is deployed in more than 20,000 organizations and supports over 50 million users worldwide. The company disrupts the messaging category by delivering all email, mobile synchronization, SMS, chat, voice and video capabilities in one integrated, extremely secure and easy-to-deploy solution. Its customers include such market leaders as Marriott International, Inc., Verizon Communications, Inc., Inmarsat, AVTOTOR, Russian Space Agency, as well as small to midsized firms.

For more information, please visit IceWarp (www.icewarp.com) or follow us on Twitter (@icewarp).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7877
Published: 2014-10-30
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

CVE-2014-3051
Published: 2014-10-29
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof s...

CVE-2014-3668
Published: 2014-10-29
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument t...

CVE-2014-3669
Published: 2014-10-29
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function ...

CVE-2014-3670
Published: 2014-10-29
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly exec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.