Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In her blog EU Commissioner Neelie Kroes blogs on her stance on cloud computing. In short: this is a good development which the EU will embrace and advocate, but may need regulation in order to ensure a safe environment for industry and individuals in the cloud. Here's some thoughts on that. more
Recently I joined my son, who is in his final high school year, to visit the open day of the newly founded Leiden University College in The Hague. The school focuses on Liberal Arts & Science and offers a broad education on (international) politics, philosophy and economy. The idea is to prepare the next generation internationally oriented public servants and leaders of the future. Among others they have former Dutch Minister of Foreign affairs and Secretary General of NATO Jaap de Hoop Scheffer as a college professor. more
Spear phishing is the unholy love child of email spam and social engineering. It refers to when a message is specifically crafted, using either public or previously stolen information, to fool the recipient into believing that it's legitimate. This personalization is usually fairly general, like mentioning the recipient's employer (easily gleaned from their domain name.) Sometimes they address you by name. Much scarier is when they use more deeply personal information stolen from one of your contacts... more
In the past few months, a flurry of gift card scams leveraging such high-profile brands as Best Buy, Whole Foods and IKEA have emerged on Facebook. These scams often use the brand's logo, website URL, or general "look and feel" on Facebook "fan" pages to give the impression that these offers are legitimate. Some scams are even bold enough to include bogus, non-interactive fan comments to add a greater sense of authenticity to the gift card offer. To date, these scams have been successful at tricking tens of thousands of consumers. In just one day, for example, a fan page titled "IKEA Get a FREE $1000 IKEA Gift Card! (ONLY AVAILABLE 1 DAY)" registered 40,000 fans before being shut down. more
Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more
I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses. more
The Internet has two billion global users, and the developing world is just hitting its growth phase. Mobile data traffic is doubling every year, and soon all four billion mobile phones will access the Net. In 2008, according to a new UC-San Diego study, Americans consumed over 3,600 exabytes of information, or an average of 34 gigabytes per person per day. Microsoft researchers argue in a new book, "The Fourth Paradigm," that an "exaflood" of real-world and experimental data is changing the very nature of science itself. We need completely new strategies, they write, to "capture, curate, and analyze" these unimaginably large waves of information. more
Garth Bruen writes: Within the next few weeks Google plans to update its pharmacy policy which will restrict pharmacy advertisements. Once in effect, the updated policy will only allow VIPPS and CIPA certified pharmacies to advertise. Additionally these pharmacies can only target ads within their country. more
About a week ago, I posted that Australia was getting ISPs to boot infected computers off of their network. I commented on whether or not this was a good policy. However, there was one thing in that article that I wanted to comment on but didn't... more
I am proud (or disappointed) to announce the 8th annual MIT Spam Conference, March 25th and 26th at MIT in Cambridge, Massachusetts. A regular research competition that brings out the best minds in the fight against unsolicited email. At this point it would be helpful to provide a little background on the conference and remind everyone that the Call For Papers is still open. more
It is inconceivable that anyone within viewing distance of a television or computer screen this week doesn't know about the disaster in Haiti. As of this writing, 50,000 bodies have been collected from the streets of Port-au-Prince. Millions of people, a number our brains simply aren't equipped to deal with, are now homeless. Help is needed now, and will be, for a very long time. more
CAUCE, the Coalition Against Unsolicited Commercial Email, has looked back at the notable events of the last decade in our industry. Each year/link in the post explodes to a discrete blog entry with a month-by-month break-out of notable events. more
Dennis Fisher of Thread Post reports: "The malware writers and criminals who run botnets for years have been using shared hosting platforms and so-called bulletproof hosting providers as bases of operations for their online crimes. But, as law enforcement agencies and security experts have moved to take these providers offline, the criminals have taken the next step and begun setting up their own virtual data centers." more
Reported today on BBC: "Police chiefs are urging people looking for work during the recession to be alert to online scams that trick them into laundering money. The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit 'money mules'. The 'mules are ordinary people who send and receive payments through their bank accounts to facilitate business." Neil Schwartzman has also informed us of a related report by RSA FraudAction Research Lab based on several months of tracking various reshipping scams engineered by online fraudsters. more
There are thousands of articles perpetuating the claim that China is out to get us on the Internet. And yet, all these discussions are begging the question, is it China attacking? Also, are they even the "usual suspects"?
While I can point to real facts of China making active use of information warfare, cyber warfare, or whatever else you choose to call it (such as the release of 0 days being patched by Microsoft and originally reported by the Taiwanese government, search Microsoft's site), I can also point to Germany (intelligence Trojan horse), the US (The Farewell Dossier) and other countries such as North Korea (without much detail, so questioned)... more
A World-Renowned Source for Internet Developments. Serving Since 2002.