Kicking off the sixth annual National Cybersecurity Awareness Month this October, the Department of Homeland Security (DHS) has urged computer users to practice good "cyber hygiene". The campaign was given a boost Wednesday when the Senate passed resolution 285 to support its goal to make U.S. citizens more aware of how to secure the internet. DHS has also announced that is has been given new authority to recruit and hire up to 1,000 cybersecurity professionals across the department to fill roles such as: cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. more
Anti-Phishing Working Group (APWG) released its latest Phishing Activity Trends Report today warning that the number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement. "The number of hijacked brands ascended to an all-time high of 310 in March and remained, in historical context, at an elevated level to the close of the half in June," says the report. more
The Internet Corporation for Assigned Names and Numbers (ICANN) has reached a major milestone today with a new agreement in place with the U.S. Department of Commerce allowing the organization greater independence and giving more countries oversight of the organization. more
According to reports today, the Australian federal government made a drastic change to a bill that could potentially allow ISPs to police online traffic. Karen Dearne of the Australian IT reports: "Electronic Frontiers Australia spokesman Geordie Guy said it was unclear if the draft Telecommunications (Interception and Access) Amendment Bill was an "attempt to sneak through" a wholesale expansion of intercepts of private emails and file-sharing or merely a badly drafted bill." more
At the end of this month, September 30th, the Joint Project Agreement (JPA) between the Internet Corporation for Assigned Names and Numbers (ICANN) and the U.S. Department of Commerce (DoC) will come to an end. While ICANN has affirmed its commitment in maintaining a long-term, formal relationship with the United States, talks of new changes and a more independent ICANN is intensifying as the expiration date is quickly approaching. For the next upcoming days, this page will be frequently updated with related news and updates. more
Ryan Naraine reporting at Threatpost: "Head of Google's anti-malvertising team Eric Davis wants Internet Service Providers (ISPs) to look beyond profits and take a more proactive approach to dealing with malware-infested computers on their networks. During a keynote presentation at the Virus Bulletin conference here, Davis said competitors in the ISP space must look beyond profits and partner on new initiatives to deal with the "parasites" that have taken control of the Internet landscape." more
Google today announced an early-stage open source plugin called Google Chrome Frame that aims to seamlessly allow use of open web technologies and faster JavaScript engines within Microsoft's Internet Explorer browser. In a blog post today Google says: "One challenge developers face in using these new technologies is that they are not yet supported by Internet Explorer. Developers can't afford to ignore IE -- most people use some version of IE -- so they end up spending lots of time implementing work-arounds or limiting the functionality of their apps." more
An open letter signed by various members of the domain name industry, including heads of some of the top domain name registries and registrars, was sent today to ICANN CEO and Board of Directors urging them to direct their staff to implement the introduction of new Top-Level Domains (TLDs) without further delay. "The time to act is now," says the letter for "many reason" including: Consumer Demand; Safety Considerations; Internet Stability; Innovation; ICANN’s own credibility more
As per earlier reports, U.S. Federal Communications Commission Chairman Julius Genachowski proposed new rules today requiring Internet service providers to treat all Internet traffic equally and allow users to access their networks with any device. more
VeriSign today released its second quarter 2009 Domain Name Industry Brief where it reports that the total base of domain name registrations across all of the Top-Level Domains [TLDs] has now reached 184 million. However the report also indicates that there has been a 15% decline compared to the same quarter last year. The largest TLDs in terms of base size are reported to be: .com, .cn, .de, .net, .org, .uk, .info, .nl (Netherlands), .eu (European Union), and .biz.
more
Earlier this year, ICANN began to seriously consider the various effects of adding DNS protocol features and new entries into the Root Zone. With the NTIA announcement that the Root Zone would be signed this year, a root scaling study team was formed to assess the scalability of the processes used to create and publish the Root Zone. Properly considered, this study should have lasted longer than the 120 days -- but the results suggest that scaling up the root zone is not without risk -- and these risks should be considered before "green-lighting" any significant changes to the root zone or its processes. I, for one, would be interested in any comments, observations, etc. (The caveats: This was, by most measures, a rush job. My spin: This is or should be a risk assessment tool.) Full report available here [PDF]. more
Contrary to previous security reports suggesting compromised machines remain infected for 6 weeks, experts at Trend Micro say these estimates are far from accurate. In its recent blog post the company said: "During the analysis of approximately 100 million compromised IP addresses, we identified that half of all IP addresses were infected for at least 300 days. That percentage rises to eighty percent if the minimum time is reduced to a month." Additionally the study also indicates that while three quarter of the IP addresses were linked to consumer users, the remaining quarter belonged to enterprise users. more
Security experts at RSA Research Lab have reported the discovery of a new type of phishing attack targeted against online banking customers that combines a typical phishing website with a live change session initiated by fraudsters. The technique dubbed "Chat-in-the-Middle" not only attempts to trick customers into entering their usernames and passwords into a phishing site but obtains further sensitive information (such as answers to secret questions used by banks to authenticate customers). According to the report, this attack is currently targeting a single U.S.-based financial institution, however operators of all online banking websites are cautioned. more
According to a new security report released today by SANS Institute, TippingPoint and Qualys, the number of vulnerabilities found in applications in the last few years is far greater than the number of vulnerabilities discovered in operating systems. "On average, major organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities. In other words the highest priority risk is getting less attention than the lower priority risk." more
An open letter from nearly 150 individual and organizational members of ICANN's Non-Commercial Users Constituency (NCUC) has been submitted to ICANN's board of directors and CEO. The letter has expresses serious concern over a recent ICANN Board decision regarding the restructuring of the Generic Names Supporting Organization (GNSO). From the letter: "We believe that the Noncommercial Stakeholder Group (NCSG) chartering process has been seriously flawed on both procedural and substantive grounds. We appeal to you to address these problems before permanent damage is done to ICANN's reputation, to the GNSO reform process, and to the interests of noncommercial users of the Internet." more
Sponsored byVerisign
Sponsored byRadix
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byVerisign