Cyberattack

Cyberattack / Most Viewed

New Study Highlights Growing Risk, Lack of Urgency with Mobile and IoT Application Security

Despite widespread concern about the security of mobile and Internet of Things (IoT) applications, organizations are ill-prepared for the risks they pose, according to a research report issued today from Ponemon Institute, IBM Security, and Arxan Technologies. more

Last Decade in Spam

CAUCE, the Coalition Against Unsolicited Commercial Email, has looked back at the notable events of the last decade in our industry. Each year/link in the post explodes to a discrete blog entry with a month-by-month break-out of notable events. more

1.3 Tbps DDoS Attack Against GitHub is Largest Attack Seen to Date, Says Akamai

According to Akamai, the incident was the largest attack seen to date, "more than twice the size of the September 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed." more

Diving Into the DNS

If you are at all interested in how the Internet's Domain Name System (DNS) works, then one of the most rewarding meetings that is dedicated to this topic is the DNS OARC workshops. I attended the spring workshop in Amsterdam in early May, and the following are my impressions from the presentations and discussion. What makes these meetings unique in the context of DNS is the way it combines operations and research, bringing together researchers, builders and maintainers of DNS software systems, and operators of DNS infrastructure services into a single room and a broad and insightful conversation. more

Are Botnets Run by Spy Agencies?

A recent story today about discussions for an official defense Botnet in the USA prompted me to post a question I've been asking for the last year. Are some of the world's botnets secretly run by intelligence agencies, and if not, why not? Some estimates suggest that up to 1/3 of PCs are secretly part of a botnet. The main use of botnets is sending spam, but they are also used for DDOS extortion attacks and presumably other nasty things like identity theft. But consider this... more

South Korean Banks Receive DDoS Threat from Hacker Group, Record Ransomware Payment Demanded

Various sources including South Korea's news agency Yonhap are reporting that a hacker group has threatened to launch a DDoS attack against seven South Korean banks unless they pay about 360 million won (US$315,000) in bitcoin. more

Large Volume of DNSSEC Amplification DDoS Observed, Akamai Reports

A dramatic increase in DNS reflection/amplification DDoS attacks abusing Domain Name System Security Extension (DNSSEC) configured domains have been observed in the past few months, according to a security bulletin released by Akamai’s Security Intelligence Response Team (SIRT). more

Internet Management and National Security: Time for a Federal Action Plan

Former CIA Director George Tenet recently gave a speech highlighting the need for federal action on internet management in order to protect national security. As reported by the online edition of Government Executive, Mr. Tenet explained that, "greater government regulation of the Internet and telecommunications networks is needed in order to guard against terrorist attacks." more

Epsilon Interactive Breach the Fukushima of the Email Industry

A series of attacks on the Email Service Provider (ESP) community began in late 2009. The criminals spear-phish their way into these companies that provide out-sourced mailing infrastructure to their clients, who are companies of all types and sizes. ... On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially. Email lists of at least eight financial institutions were stolen. more

Spam Fighting: Lessons from Jack Bauer?

As I blogged about several months ago, as did numerous other anti-spam bloggers, David Ritz was sued by Jeffrey Reynolds and a judge in North Dakota agreed with Reynolds. At the heart of the case was that Ritz engaged in anti-spam activities using techniques known only to a small subset of advanced computer users, and used these techniques maliciously against Reynolds... Back in the olden days of spam fighting, some anti-spammers used to use malicious techniques against spammers in order to shut them down... more

World Body Declares Cyber Security Top Issue

Sovereign nations around the globe have clearly defined borders, but as attendees were shown at a UN Conference several years ago, cybercrime is a borderless phenomenon. In 2011 Norton Security released statistics that showed that every 14 seconds an adult is a victim of cybercrime and the numbers are growing. As internet use grows, so does the amount and type of information streaming across the web. This information crosses transnational lines, public and private sectors. more

McAfee Labs 2018 Report Reveals 480 New Threats Per Minute, Sharp Increase in IoT-Focused Malware

In its latest quarterly report, McAfee Labs has reported seeing an average of 480 new threats per minute and a sharp increase in malware targeting IoT devices. more

Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks

Domain names, domain name systems (DNS), and digital certificates are fundamental components of the most important applications that enable your company to conduct business - including your website, email, voice-over IP, and more. However, these vital applications are being attacked with an increasingly high level of sophistication and severity. more

Criminals Using New Phishing Techniques to Hide from Victims and Investigators, Reports APWG

According to the APWG's new Phishing Activity Trends Report released today, phishers are using new techniques to carry out their attacks and hide their origins in order to make the most of every phishing campaign. more

Thought Leaders Create New Trends & Solutions, Followers Just Follow - Which Are You?

Last week I asked on a post elsewhere, why we, at the MLi Group, chose to consider speakers, panelists, supporters and sponsors at our Global Summit Series (GSS) as "Thought Leaders" and "Trend Setters? Many wrote me directly offering their answers and then it dawned on me that my answer may (or may not) get appreciated by many at the ICANN community. So here is why we do. more