Dancho Danchev

Contributor

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis.ggMore details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Latest from Dancho Danchev

Show search filters
Campaign Monitor hacked, accounts used for spamming

Campaign Monitor hacked, accounts used for spamming

E-mail marketing software developer Campaign Monitor warned users today of a server compromise that took place during the weekend.The compromise allowed the attackers to gain access to customer accounts, which they abused by importing their own lists of harvested emails in order to launch spam campaigns using the clean IP reputation of their servers.

August 11, 2009 by in Servers

Plugins compromised in SquirrelMail's web server hack

Plugins compromised in SquirrelMail's web server hack

According to a recently posted update by SquirrelMail's Jonathan Angliss, the source code of three plugins was backdoored during the web server compromise of the popular web-based email application which took place last month.The compromised plugins were embedded with code that was forwarding accounting data to a server maintained by the people behind the hack, something SquirrelMail didn't acknowledge prior to announcing the web server compromise.

August 4, 2009 by in Servers

Fortune 500 companies use of email spoofing countermeasures declining

Fortune 500 companies use of email spoofing countermeasures declining

Here's a paradox - a technology originally meant to verify the sender of an email message for the sake of preventing spoofed messages from reaching the network, still hasn't been embraced by the world's biggest companies despite being around for years, but is actively used by adaptive spammers increasingly abusing legitimate services in order to take advantage of their identifiable email reputations.

August 18, 2008 by in Servers

DoS Attacks Using SQL Wildcards Revealed

DoS Attacks Using SQL Wildcards Revealed

Yesterday, Ferruh Mavituna of Portcullis released a whitepaper entitled "DoS Attacks Using SQL Wildcards", with some  insightful comments on how it's possible to multiply the attack tactics discussed to the point where not even a botnet would be needed to successfully accomplish them.Summary of the paper :This paper discusses abusing Microsoft SQL Query wildcards to consume CPU in database servers.

May 20, 2008 by in Servers