A Day Without SPAM is, well, Rare

A couple of interesting security announcements today, one positive and one much less so.

On the positive side, Microsoft has released Forefront Security of Exchange Server SP1 Beta 2 just in time for the release of Exchange Server SP1 Beta 2. The really good part about this is the recognition that security is a critical part of any application suite. According to the press release, the new version offers IPv6 support, improved filtering for profanity (in 11 languages, yet), better integration with Microsoft System Center Operations Manager, and more flexibility in dealing with ZIP and RAR files as attachments. More information on the product is available from Microsoft.

The less-good announcment came from Proofpoint, which says that there has been a spike in SPAM using .PDF files as a payload. How big is the spike? It’s up 500% in the last two week, with .PDF spam accounting for roughly 25% of all SPAM on August 13. I don’t have independent verification of their numbers, but in my own in-box I’ve seen a dramatic rise in the number of .PDF SPAM messages. We’re already seeing more product that claim to deal with this sort of problem (oddly enough, Proofpoint has one of these products), and I think it’s heading towards being a check-box requirement for any product that claims to provide e-mail security.

As if e-mail security weren’t enough of a challenge to an IT staff, over at the Zero Day Security blog, Matt Hines fills us in on the amount of user silliness going on with FaceBook. It turns out that some people believe no one with bad intentions ever looks at Facebook entries. I like to call these blissfully ignorant people “victims”. If they haven’t been hit yet, they will. I can offer only sympathy to their security teams.