Once again, a hundred thousand or more home routers have been press-ganged into a spam-spewing botnet, this time via Universal Plug and Play (UPnP). According to brainiacs from 360 Netlab, the malware exploits vulnerabilities in a Broadcom UPnP implementation to infect vulnerable gateways, and that means a load of router …

Cybercrims are ramping up their efforts to target employees through fraudulent email and social media scams, according to a new study by email security firm Proofpoint. Retailers and government agencies saw huge quarter-on-quarter increases in email fraud attempts in calendar Q2, with attacks per company and agency soaring 91 …

A Welsh firm has been handed a £60,000 fine for spamming more than 270,000 pay-day loan texts around Christmas 2016. The UK's data protection watchdog doled out the penalty to STS Commercial Limited – which is registered as an IT service provider – after finding that the biz didn't have consent to send the messages, which …

Hotmail turned 22 today having ushered in an era of web-based email, great swathes of spam and one of the greatest ever security cock-ups. Launched on 4 July 1996, Hotmail offered "independence" (geddit?) from traditional ISP-based email, which required users download messages into a local reader. Hotmail allowed users to …

The internet has a case of .men behaving badly, based on new data from international watchdog Spamhaus. In a listing of the top ten worst top-level domains compiled by Spamhaus, .men has come top, followed somewhat bizarrely by .GQ, which is the country code for Equatorial Guinea but also happens to be the name of a famous men …

UpdatedSpamCannibal – a defunct service that issued blacklists of known spam servers – was hijacked early on Wednesday morning, spewing its own unwanted crap in the process. El Reg was tipped off by a reader who told us that SpamCannibal is "pumping out Blacklist notifications for some of our servers and then when you go to …

A gremlin within the spam filters in Microsoft's Office 365 today caused the cloud-based service to toss all incoming emails into the junk folder. On Wednesday afternoon, US West Coast time, IT administrators and users publicly complained of similar issues: their Office 365 email systems were marking legitimate messages as …

UpdatedGoogle has confirmed spammers can not only send out spoofed emails that appear to have been sent by Gmail users, but said messages also appear in those users' sent mail folders. The Chocolate Factory on Monday told The Register that someone has indeed created and sent spam with forged email headers. These not only override the …

Email newsletter distribution service MailChimp has promised to act on the abuse of accounts to send (frequently) malware-tainted spam. Security experts have been complaining with increasing frustration that the problem has been going on for months. MailChimp is widely used for sending newsletters, bulletins and in some cases …

UpdatedNamecheap has admitted it accidentally let miscreants set up and control fraudulent subdomains on websites belonging to other customers. These hijacked sites were subsequently used to host dodgy material. This caused them to be flagged up as malicious by Google's search engine, blocking netizens from visiting them, and piling …

The Information Commissioner's Office has fined four businesses £600,000 for spamming customers millions of times. The companies broke UK law by sending out unsolicited text messages, emails and phone calls between 2016 and 2017. Wales-based Barrington Claims made 15.2 million spam phone calls between May and June 2016, using …

Tenable Security has given itself two problems, by releasing a product its users don't like, and then adding them all to a support email group that's sending uncomfortable volumes of messages. The new product is Nessus Professional v7, which Tenable has declared is just fabulous thanks to new licensing, improved reports, and …

The UK's Information Commissioner's Office has fined Hamilton Digital Solutions £45,000 for sending spam text messages, it announced today, despite its protestations that a third party had been responsible. The London-based company (now known as HDSL) sent more than 156,000 unwanted messages between April and September 2016, …

Miscreants, hackers – call 'em what you will – have pilfered email addresses from an unknown number of Loake Shoes customers. In a letter sent to punters on its database – seen by The Register – the premium footwear maker said it has been "the victim of a cyber attack". "Despite having stringent security measures in place, …

A Bradford-based bank has been fined by the UK's data privacy watchdog for sending illegal marketing texts and emails. Vanquis Bank Limited spammed 870,849 text messages and 620,000 emails to promote its credit cards without the recipients' consent, which is against the law. The bank obtained the marketing lists used to send …

The 36-year-old Russian accused of herding pump-and-dump spambots will be tried in America, following a decision of a Spanish court. Peter Yuryevich Levashov was arrested in Spain in April 2017 and accused of running the Kelihos botnet. While early speculation floated the idea he was involved in election fiddling, his first …

An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution. Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing …

The company behind a taxi comparison app that sent more than 700,000 spam texts in the space of 10 days is facing a £45,000 by the UK's data protection watchdog. Cab Guru, a Cambridge based firm that raised $2.8m (£3.7m) in its March 2016 seed funding round, runs a comparison app that gives users the low-down on the prices and …