Category Archives: News

ALERT: major brute-force password-guessing attack on WordPress sites underway

There’s a significant attack by a botnet on WordPress sites, where the bots are trying to guess the passwords of common admin logins. More info: http://arstechnica.com/security/2013/04/huge-attack-on-wordpress-sites-could-spawn-never-before-seen-super-botnet/ If you are using WordPress and are using a common username or a common password, change it immediately to something less obvious. Update your WordPress admin password when in… Read More »

Planned maintenance: dc.his.com, mail.his.com upgrades – Done

In order to expand disk space to accommodate larger user disk allowances, Zimbra servers mail.his.com and dc.his.com will be taken offline briefly this weekend: mail.his.com – starting at 3 AM EDT, Saturday, April 6th – COMPLETED 5:20 AM April 6 dc.his.com – starting at 3 AM EDT, Sunday, April 7th – COMPLETED with no downtime.

Warning: ‘Webmail Account Warning’ message is bogus.

This bogus email is making the rounds and seems to be slipping past spam filters at the moment. If you get one of these messages, delete it. The link in the message takes you to a form that asks you to enter your email address and password. If you do this, you can count on… Read More »

Phishing/Malware email

We’re seeing a significant increase in the number of ‘phishing’ and malware email messages. Most of these are being stopped by Postini’s spam/virus filters, but some are getting through, and some are getting past our own spam/virus filters that we use to supplement Postini. These messages are well crafted and look like legitimate email from… Read More »

Using strong passwords

Over the past few months we’ve seen an enormous jump in the number of password-guessing attacks on our mail servers. The attackers are spammers who are trying to get access to legitimate accounts so they can send spam. We have software in place that identifies and blocks these attacks, but if a password is too… Read More »

Bogus emails from his.com

Some HIS customers reported getting emails pretending to be from his.com and containing a bogus alert message. From: “his.com support” <admin@his.com> Subject: his.com account notification or Subject: Returned mail: see transcript for details From: domains@megginson.com We are blocking them on our SPAm filters. However, if you received one of those Do not click on any… Read More »

Facebook Phishing Email

We’ve started seeing email that looks like this: (This is just a screengrab image – the links above aren’t live). The message looks real enough (which is the idea) but it did not come from Facebook. The link actually goes to servers in 15 locations in Korea, Japan, Brazil, Hungary, Poland and the Ukraine, where… Read More »