Blogs

With OnLive's on-demand gaming service, PC gaming has gotten cheaper and easier. There is no need to have high-end computers with fancy graphics cards and fast CPUs to play the latest videos games. Low-end computers running Windows XP, Windows Vista, or Intel-based Macs running OS X together with a decent Internet connection is enough to get started. Users can also gain access to OnLive using their televisions with the OnLive MicroConsole. OnLive enables users to play or rent games, try out game demos and play multi-player games with other users using the OnLive service. There are also community features such as speculating live games, recording and sharing gameplay videos and accessing gamer profiles.

Essentially, the user just needs to know how to use a browser. Game data and interactions are sent from the browser to the OnLive servers for processing. Once all the data has been computed, a compressed video stream is sent back to the user's browser and the user continues to play the game. To the user, the gameplay is real-time and will feel no different than playing with a local copy of that game. It is convenient for the user, because OnLive eliminates installing and updating the games and the need for local storage space.

The OnLive service achieves this instant access with a combination of remote servers working dedicated or shared to produce continuous gameplay for the users. Game data are stored and processed on these servers and their hardware are upgraded every six months to provide users with optimal processing power. Each server has a particular task like handling the user interface, running the games and streaming video. There are also several classes of servers depending on the requirements of the computations and the number of connections. Thus, during a session, a user is passed to several servers depending on their state of play and processing requirement.

With all the data transmissions happening in the background, it is obvious that the OnLive service is dependent on and limited to the user's broadband connection and region. OnLive claims that high-definition quality is achievable with video at up to 1280x720 resolution and a frame rate up to 60 frames per second with a connection of at least 5 Mbps. However, the slower the speed, the lower the resolution and frame rate. With a 1.5 Mbps connection, a standard-definition quality is obtainable, but it may be insufficient to play a real-time, action-packed game because the video feedback may not be as smooth as playing on a local machine. Also, with the compression of the video, some of the art details in the scenes are lost.

This newly announced project is featured in New York Times on May 12 - "Four Nerds and a Cry to Arms Against Facebook". First line of the article says "How angry is the world at Facebook for devouring every morsel of personal information we are willing to feed it?".

Almost all social network services presenting today are centralized, such as Facebook, Twitter, Orkut etc. we fill out personal information to register as an user, hand over messages via their servers to communicate with our friends. In the mean while, what we are giving up is all of our own privacy. That may increase data leakage and we have to be more cautious about what we are posting on these social networks.

A few months back, four geeky college students of NYU (Mr. Salzberg and Mr. Grippi are Raphael Sofaer, 19, and Ilya Zhitomirskiy, 20), decided to build a social network that wouldn’t force people to surrender their privacy to a big business in exchange for convenient access to their sites. They have called their project Diaspora and intend to distribute the software free, and to make the code openly available so that other programmers can build on it.

The Diaspora group was inspired to begin their project after hearing a talk about "internet privacy" by Eben Moglen, a law professor at Columbia University. As more and more of our lives and identities become digitized, Moglen explains, the convenience of putting all of our information in the hands of companies on “the cloud” is training us to casually sacrifice our privacy and fragment our online identities. Why is there no good alternative to centralized services that, as Moglen pointed out, comes with "spying for free?”

“When you give up that data, you’re giving it up forever”

“In our real lives, we talk to each other, We don’t need to hand our messages to a hub."

"Our real social lives do not have central managers, and our virtual lives do not need them." — said by Diaspora group.

The project is described as a "network that allows everyone to install their own “seed” — i.e. a personal web server with a user’s photos, videos and everything else — within the larger network. That seed would be fully owned and controlled by the user, so the user could share anything and still maintain ownership over it".

It would take three or four months to write the code, and they would need a few thousand dollars each to live on. They gave themselves 39 days to raise $10,000, using an online site, Kickstarter, that helps creative people find support. They announced their project on April 24. They reached their $10,000 goal in 12 days, and the money continues to come in: as of today (May 24), they had raised over $180,000

Not bad for a financial start to turning an envisioned new network into reality. It is far too soon to tell whether Diaspora will replace Facebook and become the next top social networking website, however due to the ripe timing and tremendous amount of support, it might just have a shot.

For years, C++ users have complained a lot about lack of libraries to build system and networking applications. Compared to other Object-Oriented languages like Java and C# which enjoy abundant built-in classes and functions in hand, C++ is somewhat awkward. Programmers need to write code from scratch using native system APIs, or look for existing solutions provided by software vendors. Building everything from ground up can be painful if they don't have a firm grasp of OS APIs and the code itself is not portable as well. Given that in mind, some intelligent programmers have written and share their libraries to address the issue.

Adaptive Communication Environment (ACE)

ACE has been around for quite a long period. It was first developed by Douglas C. Schmidt during his graduate work at University of California, Irvine. Based on my experience, the source code itself is kind of old-style C++ with lots of Macros inside. With plenty of classes and modern design patterns incorporated, it is considered to be complex and require a long learning curve to master. But due to its glorious history, ACE supports most operating systems, even those you have never heard of.

Poco C++ Libraries

You may think Poco as a revised version of ACE with much more clean codebase. To certain extent, It covers what ACE covers plus a lot of de-facto standard C/C++ library, say, PCRE, zlib, etc. Poco is well-documented and source code is quite self-explained. I would recommend it for a beginner who wants to try out such a library.

Boost C++ Libraries

Boost is another great library you should never miss out. It has a bunch of useful utility libraries more than you can expect and you will be amazed by the power of C++ templates used in these libraries. In the recent version, it also included a network library called ASIO which is worth to explore. However, when it comes to debugging, the template-based code may not be a pleasure to trace. But if you were a C++ geek, you would love it!

What on earth is the currently hottest Cloud Computing? What is its difference from the Grid Computing? This article will take you to the origins, conceptions, and related applications of Cloud Computing. You might have heard another noun, Grid Computing, before Cloud Computing was stirred up. Many people consider Grid Computing & Cloud Computing very much alike. In fact, there is no strict segmentation between the two concepts. They are both considered the concepts derived from Distributed Computing.

Grid Computing VS Cloud Computing
Grid Computing:
It is made of the virtual computing cluster by using the un-used resources (CPU resources & Disk Storage) from a large number of heterogeneous computers (usually called Desktops), and it provides a structure for solving massive computing problems. Grid Computing focuses on the abilities of cross-domain computing support. With Parallel Computing applied, it focuses on the full-use of resources between and across the companies to jointly solve the tough computing tasks。

Cloud Computing:
It is a kind of dynamically scalable computing. The basic concept is to divide the task of computing into several processes. After they are processed and analyzed by the servo group (cloud hosts) distributed over the Internet, the outcomes will be returned to the end-users. Although Cloud Computing originates from Parallel Computing, it is not away from the concepts of Grid Computing. But, Cloud Computing focuses more on the processes of data.

Mainstream Cloud Technologies:

MapReduce :
It is the key technology that Google applies to Cloud Computing, which allows developers to develop more programs that process massive data. First, it divides the data into unrelated segments through the Map program for a large number of computers to process. Results are further gathered and integrated through the Reduce program. Then it outputs the outcomes required by developers.

Hadoop：
Hadoop is an open-source program inspired by the Google Cloud Structure. The structure of Hadoop is implemented with the concepts proposed by the Google BigTable and the Google File System. It is written in Java, which can provide a Distributed Computing environment for massive data. But the Distributed File System used is different from Google’s. Yahoo is the main contributor and user of the program.。

Service Patterns of Cloud Computing
The application of Cloud Computing usually provides the clients through the Internet with information technologies, including computation, storage, and bandwidth, in a virtual form of “services”. Through Cloud Computing, users only have to take the services as Black Boxes and input the actions required. They don’t have to know the operations inside the Boxes. They only have to wait for the outcomes returned.
Three patterns based on service categories:

1. Software as a Service, SaaS
The SaaS is a pattern of acquiring the software deployment through the Internet. It provides the company with the Software on Demand from the front-end office applications, such as Email and word processing to the back-end data analysis, customer relationship management, business process management, and human resource management. Representatives are Google, Salesforce, Microsoft, etc.

2. Platform as a service, PaaS
The PaaS is a kind of combination of Servo Hosting Platform and a Virtual Solution. Users don’t have to construct the hardware hosts and the operating systems by themselves. Through the rented Internet, PaaS service providers provide the Virtual Hosting Platform, which saves software & hardware maintenance and labor & time management. Through the PaaS, software providers can focus on the software development and accelerate function deployment online. Well-known developers are Amazon web service, Google App Engine, etc.

3. Infrastructure as a service, IaaS
IaaS makes the IT infrastructure kind of service. The company outsources the structure required within the company to the IaaS contractors. Compared with the costs of ordering hardware, software, storage, power, and the bandwidth for construction of traditional computer room, the company can acquire the IT resources more efficiently by paying per use. The concepts of the Private Cloud & the Hybrid Cloud are extensions of the IaaS。Private Cloud makes the exterior resources interior within the company through the VPN; Hybrid Cloud, which integrates cloud services from different providers more flexibly, combines the Public Cloud/SaaS and the Private Cloud. Sensitive data are served by the Private Cloud while non-confidential data are served by the Public Cloud of lower costs.

More and more suppliers are investing in the cloud services, and that means the Cloud service Market has become the trend for the future. The rise of the market means that the company can lower the construction costs of information services and that it can focus on the core of its operations to improve efficiency and competitiveness. However, Cloud services also bring about many problems, such as security apprehensions, whether or not the Service Level is sufficient for dealing with the daily operational requests from the company, the compatibility with the existing systems, etc. In the presence of the Cloud security problems, the next article will take you to the new technologies and its applications developed by information security providers.

Hackers usually use the most popular things that people are talking about to send the spam mail. By the spare of the H1N1 globally, the relative topic of H1N1 spam mail are all over the place. CelloCloud™ Threat Sensor System already found out many cases of spam mail which are using the H1N1 as the topic to attack personal computer. They are using a very attractive topic such as ”Madonna caught swine flu!” or ”Swine flu in USA”“ to let the receiver to click the website or download the Trojan to personal computer to steal the personal information or combine with Flash to attack the unguarded computers.

Cellopoint wants to remind everyone 1. Be aware of the suspicious email. Do not open or click the links inside an email. Do not give away any personal information such as bank account number, password…ect in the email. None of the companies would request this kind of information from their user. 2. Do not reply to spam, as it will let Spammer know your email address is valid. Then they will send more spam. In addition, a number of spam contains unsubscribe links will create the same result. The best way to deal with spam is to delete without reading it. 3. Watch out for social-engineering trap. Hackers become more sophisticated and often trick individuals to enable malicious code attacks (Spear Phishing). 4. Do not forward chain letters. This special kind of email may be created by hackers to collect email accounts for the production of spam.

CelloCloud™ Threat Sensor System relase the anti-spam database update when the system discovered the threat of the Swine spam to protect their global clients. CelloCloudTM provides “Global threat protection” and “ Online update protection” functions. It can help for anti-spam, virus, anti-spy, phishing, anti-reply, DoS attack, hackers threat …ect. CelloCloudTM Threat Sensor System just like a safety cloud to prevent our customers from the threat and reach our goal of “Cloud Security for Email”

Due to the economic resection ,there are more and more unemployed people looking for jobs on line and it gives the hackers a perfect chance to defraud those job hunters. Cellopoint Global Anti-spam Center (CGAC) has found and intercepted a huge amount of spear phishing messages which contain messages like “Thank you for applying xx position. After reviewing your resume, you are not qualified for this position. We decide to send your resume back to you…”This email seems normal with the link of the company website. If you open the attached file, it would not be your resume that you are looking for. It would be Trojan Horse. It is impossible for the job hunters to memorize all the companies' names and jobs that they applied for. This is the reason that job hunters are the victims of these false emails.

Cellopoint Global Anti-spam Center (CGAC) thought that these spear phishing attacks are showing the new change of the social behaviors. Besides those Botnet computers which have been attacked by Trojan, hackers also use those free web mail servers as the step stone to attack regular user. For the service provider, this not only slows down the efficiency of the mail server but also becomes the black list which would effect the basic function of sending or receiving mails. If the service provider wants to promote a better email service by charging their customers, the black list would be the biggest problem for their future business plan. The Executive Yuan of the Republic of China has already passed the new law of “the management of sending business email” which says that the email service provider must prevent the spam of business email. If the email service provider can not forbid the spam, they will receive the find until they do something to stop it.

Cellpoint email security and management solution also called Email UTM. It got the first place of the Ites Best Choice of “Anti-spam” in 2008 by Institute for Information Industry. From Email UTM, it included CGAC online guarding service about anti-spam, virus email, anti-spy, phising, anti-Relay, anti-Dos, anti-Hacking to secure the safety of email transferring, Digital Signature to solve the problem of counterfeit email. Cellopoint Policy Center can classify the email into different categories between business email and regular email. It provides IP Pool management. This can avoid the regular email IP to be listed in the spam blacklist. It can forward, delete, quarantine, notice the inspect or secure copy…ect. This can increase the efficiency of the system dramatically for all the clients include the service providers, businesses and organizations.

With Valentine's Day just around the corner, email threats hided in Valentine’s Card are also awakening. Cellopoint Global Anti-spam Center, CGAC has a warning for internet users: The surge of Valentine Day attacks come from notorious Waledac botnet and disguise as E-card format. This kind of spam carries links to get users to visit malicious sites. Instead of real greeting cards, malware will be downloaded and compromised their computers. The infected computers will become part of botnet and send out spam and virus without awareness as well.
This kind of spam is short and sweet one liner with content like: “Me and You”, “In Your Arms”, “With all my love” and “I give my heart to you” followed by an URL. If you receive an email above and similar to the title, you should be careful. Do not open it without double confirm. Besides, tax refund and online booking confirmation also increases in amount.

Cellopoint provides a few tips to stay away from spam:

1. Use an email security solution. This solution should protect against inbound email threats and viruses while ensuring transmission of legitimate email messages without delay. It should maintain a very low false-positive rate.
2. Educate users on secure email practices. Be careful with suspicious email. Never fill out forms in email messages that ask for personal or financial information or passwords. Remember that legitimate companies will never ask for this type of information via email. Avoid opening suspicious emails and clicking on suspicious links.
3. Do not reply to spam, as it will let Spammer know your email address is valid. Then they will send more spam. In addition, a number of spam contains unsubscribe links will create the same result. The best way to deal with spam is to delete without reading it.
4. Watch out for social-engineering trap. Hackers become more sophisticated and often trick individuals to enable malicious code attacks (Spear Phishing).
5. Do not forward chain letters. This special kind of email may be created by hackers to collect email accounts for the production of spam.

About Cellopoint
Cellopoint is a leading provider of email UTM (Unified Threat Management) solutions for organizations ranging from small businesses to large enterprise and ISPs. We defend against email threats such as spam and viruses, prevent leaks of confidential data by content filtering and secure mail delivery, archive email to protect your digital assets, comply with regulatory inquiries and corporate investigations in a single, web-based platform. We provide the maximum reliable, scalable and flexible solutions to help you deploy and manage easily. For more information, please visit: www.cellopoint.com

The notorious botnet hosting, McColo has been taken down by a group of Internet Providers on Nov 10 and total spam production dropped as much as 50 percent. The action followed investigations by security researchers that found that McColo was found to become the preferred home of for many botnets' command and control servers, including Rustock and Asprox. Now that Cellopoint Lab has found that spam volumes are rising up again after decreasing four weeks ago when a rogue hosting company was shutdown. The volumes dropped for 9 days and are on the rise. The reason that may account for could be some botnets are awakened or regenerated. Spammers seem to try many ways to send out spam. The Mega-D botnet, well-known for producing "billions" of spam, most of which promote sexual performance drugs such as Viagra has worked effectively over the last three weeks to set up new command and control servers and re-establishes connections with its networks of compromised bots. And other famous botnet, Srizbi and Rsutock have also come back. The botnets' return comes as no surprise to the information security industry. The spam should be monitored, despite its dropped volume. Organizations still need to remain the same level of security as usual. To help protect against many email and internet threats, Cellopoint recommends the following: spam filtering and email anti-virus. Rather than rely on any single piece of anti-spam and anti-virus product or technology, deploy multiple layers of security throughout the organization by Email UTM.

About Cellopoint
Cellopoint is a leading provider of email UTM (Unified Threat Management) solutions for organizations ranging from small businesses to large enterprise and ISPs. We defend against email threats such as spam and viruses, prevent leaks of confidential data by content filtering and secure mail delivery, archive email to protect your digital assets, comply with regulatory inquiries and corporate investigations in a single, web-based platform. We provide the maximum reliable, scalable and flexible solutions to help you deploy and manage easily. For more information, please visit : www.cellopoint.com

A few days ago, American Republican vice presidential candidate Sarah Palin's yahoo e-mail account had been compromised by hackers. Parts of the contents of the message were available to download. In addition to a number of personal photos, nothing makes Palin embarrassed. But news pointed out that Palin had consulted with public affairs via this personal email account, it may try to avoid the law. At present, a 20-year-old Democratic Tennessee state representative’s son is suspected and had relations with this. FBI may investigate with him soon.

Not only political figures, the executives of companies have also suffered from target attacks. For corporate governance, it is necessary to prioritize the policy for the usage of personal email accounts. If unable to control it, it had better to limit it to prevent employees from inadvertent forwarding of email containing product development or business plans to other personal email recipients intentionally or not. Cellopoint proposed that businesses or organizations can implement policies and control e-mail messages with auditing tools. Scan the contents and detect improper behaviors of incoming and outgoing messages. If employees may leak sensitive information to external email addresses, the auditing tool should instantly quarantine the email and notify the auditors or the manager. It results in good email leakage prevention.

In the wake of a flood of phishing email attacks masquerading as news bulletins, hackers have recently launched attacks disguised as FedEx express delivery tracking emails. These hackers use botnet computers to send emails with FedEx package tracking numbers telling recipients that the delivery of their parcel has run into some problem: the address contains an error, the recipient's name does not exist, customer reconfirmation is required, or pick-up is required. A compressed zip file is attached to the email, and the customer is asked to decompress the file, print it out, and send it back. The zip file is actually a malicious program, however, and if opened by an unsuspecting recipient, will automatically install a backdoor program that can steal sensitive data on the computer. This type of email attack relies on social engineering. For instance, a package tracking number may be used to obtain the recipient's trust, or the email may provide notification of a package ready for pick-up. And since there is a compressed zip file, a backdoor program can be installed on the user's computer without the user visiting a malicious web site. CGAC immediately issued an anti-spam database update after detecting this type of email attack on the 22nd; the update will protect users by effectively controlling the spread of the attack and fraudulent email volume.

A flood of phony CNN phishing email has been causing chaos around the world. Thanks to monitoring by the Cellopoint Global Anti-spam Center (CGAC), it has been known that hackers have been sending out vast quantities of phony CNN phishing emails since August 5, and the volume of these malicious emails has not slackened significantly up to this weekend. It is estimated that 7-8 million of these emails are bombarding users' computers worldwide every hour. The subject line of the emails has changed from "CNN.com Daily Top 10" to "CNN Alerts: My Custom Alert," but the body of the email still replaces the normal web site URL with a link to a malicious fraudulent CNN web site. The email attempts to lead the recipient to the phony web site and induce him or her to download a malicious program.

Because CNN originally sent emails with a similar subject line message, recipients may not suspect that clicking on this email will take them to a malicious web site. When the user reaches the phony CNN web site, they will see a message saying that they need to update their browser's Flash player. It's quite likely that many ordinary users will naturally press "Confirm update" at this time. If they do, a malicious sham Flash player program will be downloaded and installed on their computer.

Cellopoint has developed an URL reputation defense mechanism to combat this kind of attack, and all of our customers are protected. CGAC monitors spam and phishing email worldwide on a daily basis, and includes any suspicious web sites in an URL reputation database. Our email security gateway checks passing emails against the list of suspected phishing web sites, and blocks threats at the gateway end. This method provides ironclad protection against phishing email attacks.

Recently some people have used a Gmail backup software known as G-Archiver to backup their email and save to a portable disk. But in fact it has turned out that G-Archiver is malicious ruse set by hackers. After it is installed, G-Archiver hides a backdoor program that will automatically transmit the user's Gmail account number and password to the hackers, allowing them to enter the user's Gmail. And because of Google Apps services, a hacker possessing a stolen account number and password can access a wide range of services and documents, exposed users in danger. When this type of malicious software steals the e-mail account information of an inattentive employee of a company using Google Apps, all of the company's data and secrets will be vulnerable to the hackers.

According to Cellopoint's technical consultants, that more and more companies are considering adopting outsourced service models in keeping with the growing popularity of software as a service (SaaS). But these companies should make sure to take information security into consideration: Many well-known SaaS providers have had data leaks. For instance, employees at SalesForce have opened e-mail containing trojan horse viruses, leading to the theft of customer data. Everyone should be careful to prevent this kind of incident.

Cellopoint's Email Security Appliance can take care of e-mail security, e-mail audit, and e-mail backup management within your organization. It is less costly than outsourcing, simplifies management tasks, and improves policy implementation efficiency.

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Using social networking it gains the trust of receivers to open e-mail, and implants Trojan to the victim computers, theft of personal bank accounts. The truth is that the e-mail sender information has been faked or "spoofed." Whereas traditional phishing scams are designed to steal information from individuals, spear phishing scams work to gain access to a company's entire computer system. The original spear fishing limited to the financial sector for a number of listed companies or the behavior of amateur hackers, but recently the United States Association for Network Security System (SANS Institute) warning, a spear phishing may become international espionage and intelligence activities in a way. They discovered many phishing e-mail attacks of professional models that do not look like amateur hackers, and this is very organized. The suspected motive is not pure; there may be mastermind behind the scheme. Whatever behinds the scene, commercial secrets and national defense secrets are the most serious things we should protect. It will cause irreparable harm to companies or the public. Because hackers are hiding in a dark place, passive prevention is just basic, the auditing is more important to the private companies or public organizations of information access control. In addition to entities outside the control of information, the e-mail content filtering is most important and popular one. Whether outbound or inbound e-mails have to go through the e-mail firewall scanning and confirm no confidential contents before they are allowed to pass through. Even a personal computer inadvertently has been inserted Trojans, data will not be compromised.

Encountering these internet threats, Cellopoint lab suggests that the first thing to do certainly is to develop a complete set of security-control policies and patches enforcement to staff computers. Not only prevention, making timely response measures to prepare for data leakage from inadvertently infected computer. Such as adding an e-mail security auditing and monitoring mechanisms in the last hurdle. Even if employees' computers were compromised and embedded with the Trojan, we could first stop leakage of confidential information at gateway level before computers were inserted Trojan, as an extra key or another layer of protection to avoid regrettable occurrence.

National Communications Commission (NCC) of Taiwan reached an agreement last week's meeting that they will amend "Regulation of can spam management" in next year and propose to the Legislative Yuan. If the regulation passed, victims of spam will be able to claim compensation from spammers at maximum 2,000 NTD each. The total amount will be up to 20 million NTD per unique subject email. This is to improve the current situation of the spam proliferation. Looking at the trend, many countries are using legislative ways to punish and deter such acts, but it is very difficult to collect evidence while enforcing. Hackers were mostly utilizing foreign network location as a springboard. Law enforcement would need more international collaboration to solve the problem.

To the United States, the FBI announced last month that it has taken actions against botnet-runners (use of zombie computers to send spam hackers) by collecting evidence and arresting. It has charged eight American botnet - runners and one of them needs to be face a maximum 60 years in prison. The above-mentioned are aimed at hackers within U.S., but actually there are thousands of hackers and illegal companies actually in Russia, China and other places. Without true transnational cooperation, authorities are barely making a dent in the influx of spam, which are most pervasive in countries with lax laws. From the points of enterprises, even with the law is valid, it may too late to patch computers after they were attacked. The most important is earlier detection and prevention, not only to prevent external spam, but the prevention of in-house computers which compromised by hackers as the springboard. For internal monitoring, Cellopoint Email Firewall (CEF) supports outbound email scan. If an email does not behave normal, it will be isolated by CEF. The people in charge will be informed to confirm the delivery. After eliminating the possible of compromised computer, they can safeguard their reputation and remain a good corporate image.

【Notice of the federal Department of Justice】Such kind of frauds usually use phone or letter to thieve people’s identity and backing accounts. While consumers are the most obvious victims, the threat spreads far wider. Scammers are more targeted to company’s founders or finance managers. They send out an email that mail header contains receiver’s full name to lure these executives to open it. With email title usually pretends to be the name of some government agencies or the federal Department of Justice, it’s easy to win trust. The email is not asking for remittance or revealing personal information but to injure the recipient’s PC. When they open the attached files, Trojans will be implanted to steal commercial or financial information in order to obtain greater profit. Information likes merger news, business secrets or financial statements are the scammers’ target.
Cellopoint Lab says that staff did not have sufficient knowledge of fraud to identify the indicators that fraud may have been committed. Hackers can easily pass through the security firewall of hardware and software; and scam the personal account passwords and financial information. They can thieve or modify important information which causes poor reputation and it just get more serious as other forms of hacking attacks.

General mail counterfeiting practices include:
1. Header fraud: the mail subject is disguised as official document title, such as "2007 employees’ welfare purchase program", "XX general manager’s open letter to employees", "Information Center bulletin."
2. Bogus sender: pretend as colleagues, competitors, vendors, customers, or government institutions.
3. Content falsification: hackers intercept legitimate mail, doctor with the email content then sent to the recipient.
4. Fake URL links: lure users to click on a fake website.
5. Embedded e-mail form: a form with user’s input was transferred back to hackers.

Cellopoint Lab explains that the fundamental solution is to add identity verification to email, made it identified as a truly genuine sender / sending unit, and its content without being altered. Certificates can be applied on as email digital signatures. Sending email with digital signatures provides the Integrity of email, Authentication and Non-Repudiation. Just like a confirmation of the identity of senders or a security label, it prevents mail counterfeiting effectively.

Stat from Cellopoint Lab shows that Spammers raise spam attacks on the eve of the major national holidays has become a trend. The Storm Worm, dormant for several weeks, had come back. With Halloween spam email, it spread out everywhere and caused personal data leaking. Researcher of Cellopoint said that during the traditional holidays, such as Halloween, Thanksgiving and Christmas, etc., the social engineering is most effective. People are not guarded against of email with subjects “Halloween Party”. When they click it on, a downloader tries to grab Trojans without awareness, the computer will become a member of a zombie network, controlled by the Spammer to distribute more spam. In two weeks ago, the outbreak of the large number of pump-and-dump mp3 spam was through this way.

Thanksgiving Day and Christmas is around the corner, are you well prepared? Cellopoint e-mail firewall is a front-end mail gateway for your enterprise setting to the gateway to prevent all types of viruses, worms and Trojan horses into the mail servers. It protects all corporate network endpoint safety, and blocks the infecting opportunity from the source to reduce the burden on MIS and enhance corporate efficiency.

Since the outbreak of PDF in the recent months, people have been informed that they don’t need to worry too much on the security issues. There was no threat could be found in this type of attachments. But this has not lasted for too long, last week, Adobe released the latest patch to fix vulnerability. Hackers exploit the program's "mailto" command and send out bulk e-mails with dangerous PDF attachments. Due to it was told that the only risk to open it was fraud, the operating system that was still remained safe, people paid less attention about the PDF attachments. In fact, users are exposed the theft of large number of personal data are thieved.

From the view of Cellopoint Lab, applying patch as soon as possible is essential, but the best way is to stop from the source. Blocking malicious email from the flooding into inboxes and protecting users from threaten by virus, Cellopoint Email Firewall perfectly combines the anti-spam and anti-virus engines, stops malicious email at gateway layer, effectively alleviates the loading of mail servers and protects email clients. With intelligent content analysis technologies Cellopoint Email Firewall provides 9 layers protections and 7 X24X365 global real-time monitoring services. It can meet various network environments for quick installation and setting.

CGAC (Cellopoint global anti-spam center) detected a latest twist on pump-and-dump spam – audio (mp3) aimed at stirring up the stock. Spammers used the loophole that the current market that all anti-spam engines are unable to know the contents of voice files, they started delivering mp3 email. As users are not wary of audio email, spammers move to use it to entice victims. Such letters are usually no text content with the title is "Cool ringtones", "Wedding Music", and so on. By using social engineering practices, spammers induced the recipient to open it. Users paid less attention to mp3 files. After playing, a voice reads the pump-and-dump pitch. Current spam filtering products are no way yet to identify the content of audio files, and spammers are transforming the voice format and file size into circumvent anti-spam products scanning.

“The spam trend is almost expected” said by Cellopoint technology officer, pointed out that from images to PDF files and then to audio, spammers looked every chance to scam the money. In order to prevent audio spam, the content scanning cannot be relied solely, we must combine with the characteristics analysis and 7 * 24 * 365 monitoring at the first time to prevent mail servers and recipient mailboxes from spam entering. Cellopoint global anti-spam Center (CGAC) provides zero-day time protection through real-time monitoring and immediately updated ICA database effectively stopping the outbreak of the new twist on PDF and audio spam. Cellopoint reduces industry mainframe bandwidth depletion and mail load, and improves efficiency in the use of email, and prevent recipient exposed to the risk of phishing trap.

Trojan horse, the old way but is not out-of-date. While the detection rate has been increased by Anti-virus programs and more transactions security checks are adopted by financial institutions, the hackers must go to another door. The internet scammers turn to choose a simple and effective way – pump and dump though a flood of image spam-circulated.

At first Spammers pick a stock as a target and they buy it in a low price, then pumping it by sending mass spam. After the price is pumped up by the buying frenzy they create, the spammers quickly dump it for huge profits. It spreads news to drive up stock prices and gets extravagant profits through investors. Once spammers sell their shares, the price typically falls and people were stuck with the loss. In order to break through the traditional Anti-SPAM defense, they send an image or PDF Type spam disseminating different stock information. The targets are usually OTC stocks or microcap such as Pink Sheet instead of large trade volume of listed stock. Small equity units, low-priced, easy speculation are their characteristics. Such method is a legal gray area, which is not directly scamming money or stealing account information. In a technical point of view, having a PDF is much easier than writing a malicious backdoor programs and even not illegal.

Stat form CGAC (Cellopoint Global Anti-SPAM Center), many free mailboxes which using famous anti-spam software is unable to stop PDF spam effectively growing number of spam are put in user’ new-mail box. Recently, a large number of PDF spams are advocated an obscure stock -- Synegrate Corp. (SYGT.PK). During five days before outbreak of news, price of this stock has gone up from 5 to 19 cents of US dollars, profit has estimated more than hundreds of thousands of dollars. Cellopoint Lab examined for a large number of PDF spam and recorded feedback from the clients, we found that ICA feature database interception rate is 100 per cent. Cellopoint can effectively stop such PDF Spam from entering the client's mailboxes and prevent customers from mistakenly believing this kind of information.

Stats from Cellopoint global anti-spam Center (CGAC) shows the original form of PDF-spam had rapidly developed in different ways. The virus will mutate, so will spam. These changes still break through Anti-SPAM software and plague receivers. How to response to the latest PDF Spam variation and intercept them has become the important indicator among Anti-SPAM vendors.

During the first half of this year, PDF spam takes image spam’s place. Spammers change their tactics to various social engineering methods in a bid to get through anti-spam filter. When many anti-spam vendors claim that they can resolve Image SPAM, Spammers turn to deliver spam in PDF form. They even try to pack PDF spam as ZIP. Traditionally, collecting semantics or classification database is a temporary approach; it neither catches up with spam nor meets the performance requirements. This only makes the IT staffs completely exhausted.

The spam source, content and format changes frequently, but the behavior is similar, said by the spokesman of Cellopoint Labs. Whether the form of PDF variation or the recent outbreak of ZIP Spam bombs, all could be summed up special signs and had their own characteristic rules contributing ICA database. Adopting Cellopoint 7 * 24 * 365 full-time monitoring and automatic update services will effectively stop spam variant at 100 per cent and effectively protect the enterprise from spam attacks.

From text based spam to HTML, image to PDF, what’s the next?

August 1, 2007 Cellopoint Global Anti-spam Center (CGAC) announced the new ICA pattern for new type of ZIP spam. Following PDF spam, ZIP forms of spam have recently emerged, said by the head of CGAC. The ZIP spam contains a text or MS Office document with a stock promotion. Usually the attachment is no password protected; the mail Body is blank, and Subject might be the ZIP file name or empty.

Recipients must download the compressed file and decompress it then they are finally able to view the contents inside. The ZIP spam becomes a cumbersome email. Spammers sometimes also alter files types, like WINRAR disguised as ZIP. For those users cannot open them with the decompress tool built-in Windows, it takes much more time to cope with ZIP spam. The size of attachments is often small, but with mass inbound traffics would have huge effects in the whole mail system and the Intranet.

According to the report form Cellopoint on August 1, 2007, most of the recipients are not treating PDF and ZIP as spam before opening it. Spammers use social engineering variation to figure out how to reduce users’ psychological defense. Therefore, a breakthrough in the successful interception rate is higher than the Image spam. With various Anti-Spam products in support of resisting PDF spam, spammers increasingly adopt ZIP spam attacks. It’s easily bypassed by Anti-SPAM products. Users should be vigilant.

Founded in 2003, Cellopoint is a supplier of E-mail Security and Management. Headquartered in Taipei, Cellopoint has laboratories across Taipei and Hsinchu cities of Taiwan, collectively called Cellopoint Global Anti-spam Center (CGAC) that serve clients spanning small & medium enterprises (SME), large-scale firms, schools and government institutions, etc.