Cybercrime

Cybercrime / Featured Blogs

Understanding the Modern DDoS Threat

May 10, 2011

The breadth of cyber threats that an organization must engage with and combat seemingly change on a daily basis. Each new technology, vulnerability or exploit vector results in a new threat that must be protected against. Meanwhile some forms of attack never appear to age -- they remain a threat to business continuity despite years of advances in defensive strategy. One particularly insidious and never-ending threat is that of the Distributed Denial of Service (DDoS) attack. more

Responsibilities of the DNS: “Oh YES you will!”, “Oh NO you will not!”

May 09, 2011

What is the responsibility of the DNS? Should the DNS be responsible for policing traffic across its infrastructure? Should the blocking and blacklisting of names or throttling of query packets be the responsibility of the DNS? From experience I know my opening paragraph has started passionate debates in more than one section of this globe. We at CommunityDNS have found ourselves right in the middle of such heated debates. "Oh YES you will!", "Oh NO you will not!more

Why Isn’t Mobile Malware More Popular?

May 09, 2011

This is a followup to Wout de Natris' as usual excellent piece on the Enisa botnet report -- pointing out the current state of mobile malware and asking some questions I started off answering in a comment but it grew to a length where I thought it'd be better off in its own post. Going through previous iterations of Mikko's presentations on mobile malware is a fascinating exercise. more

Defending the Network Several Times Over

May 09, 2011

Modern networks can be attacked in a variety of ways, meaning that companies need different types of protection. This article explains some of the risks involved, and provides some easy ways to deal with them. more

The ENISA Botnet Report: Thoughts on the State of Play in Smart Phones

May 09, 2011

At the ENISA presentation on her botnet report at eco in Cologne, 9 and 10 March, one of the slots was dedicated to threats to the mobile environment. The message I was supposed to come home with was: we can still count the numbers of mobile viruses manually, <600; the problem will never be the same as on a fixed network as traffic is monitored and metered: We detect it straight away. We are studying the problem seriously. Are mobile operators really prepared for what is coming? more

Defending Against the Hackers of 1995

Apr 29, 2011

Two factor authentication that uses an uncopyable physical device (such as a cellphone or a security token) as a second factor mitigates most of these threats very effectively. Weaker two factor authentication using digital certificates is a little easier to misuse (as the user can share the certificate with others, or have it copied without them noticing) but still a lot better than a password. Security problems solved, then? more

What Next for Email Service Providers?

Apr 28, 2011

It's been a very bad month for ESPs, companies that handle bulk mailings for their clients. Several of them have had internal security breaches, leaking client information, client mailing lists, or both. Many have also seen clients compromised, with the compromised credentials used to send spam. The sequence of events suggests all the ESPs whose clients were compromised were themselves compromised first. (That's how the crooks knew who to attack.) more

9 Thoughts on Stepping Up Spam and Malware Enforcement

Apr 18, 2011

In a tweet, EU commissioner for the Information Society Neelie Kroes congratulates OPTA on the spam fine for the golf ball printing company Backsound. Since 2004 the Dutch OPTA is the number one spam and malware fighter of the EU with a total of €1.9 million in fines. It made me ask two question to myself: How come that we seldom hear of other spam fines in the EU? And can the EU change this in any way? more

The Distribution of Botnets Since Rustock Went Down

Apr 15, 2011

I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more

The Epsilon Phishing Model

Apr 09, 2011

Phishing researcher Gary Warner's always interesting blog offers some fresh perspective on clicking links on emails, as the crux of the phishing problem. Gary writes: "There is a saying 'if you give a man a fish, he'll eat for a day, but if you teach a man to fish, he can feed himself for a lifetime.' In the case of the Epsilon email breach the saying might be 'if you teach a man to be phished, he'll be a victim for a lifetime.' In order to illustrate my point, let's look at a few of the security flaws in the business model of email-based marketing, using Epsilon Interactive and their communications as some examples." more

Industry Updates

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Profiling a Popular DDoS Booter Service’s Ecosystem

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

DNS Deep Diving into Pig Butchering Scams

Investigating the UNC2975 Malvertising Campaign Infrastructure

A Log4Shell Malware Campaign in the DNS Spotlight

A Fake ID Marketplace under the DNS Lens

Behind the Genesis Market Infrastructure: An In-Depth DNS Analysis

Rogue Bulletproof Hosts May Still Be Alive and Kicking as DNS Intel Shows

Phisher Abusing .com TLD?

The Makings of ADHUBLLKA According to the DNS

Thawing IcedID Out Through a DNS Analysis

New CSC Research Indicates Launch of Threads by Instagram is Already a Growing Target for Fraud and Brand Abuse

  • By CSC
  • Aug 23, 2023

WhiteSnake Stealer Serpentines through the DNS

View More