Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In an interview with GovInfoSecurity, Sen. Thomas Carper said that the U.S. Senate is considering attaching cybersecurity legislation to a defense authorizations bill. Though clearly a ploy to be able to say "we did something about those evil hackers" before the elections, CAUCE applauds the attempt. There can be no doubt that the United States (and many other countries) sorely needs better laws to deal with these threats. more
Phishing is when bad guys try to impersonate a trusted organization, so they can steal your credentials. Typically they'll send you a fake e-mail that appears to be from a bank, with a link to a fake website that also looks like the bank. Malware offers another more insidious way to steal your credentials, by running unwanted code on your computer... I like VeriSign's characterization of this kind of malware as an insecure endpoint, the PC which is the endpoint of the conversation with the bank isn't actually under the control of the person who's using it. more
In the US administration, we see important people like incoming Secretary of Defense Leon Panetta say at his Senate confirmation hearing that "a strong likelihood that the next Pearl Harbor" could well be a cyberattack that cripples the U.S. power grid and financial and government systems. He also said that cybersecurity will be one of the main focuses of his tenure at the Pentagon. But when you look at what is actually happening in cyber security, there is more position jockeying than there is real progress. more
In 2012 I wrote a blog on CircleID called State hacking: Do's and don'ts, pros and cons. In this post I give some thoughts to the concept of a government "hacking back" at criminals. The reason for this was an announcement by the Dutch government that it contemplated law along these lines. The proposed law is now here: the Act Computer Criminality III. more
The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more
I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more
The international community has long struggled with the challenge of translating international law into actionable norms and practices in cyberspace. The conclusion of the United Nations Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies 2021-2025 marks a vital milestone in that ongoing process. more
As cyber security as a field has grown in scope and influence, it has effectively become an 'ecosystem' of multiple players, all of whom either participate in or influence the way the field develops and/or operates. It's increasingly evident that, more than ever, it is crucial for those players to collaborate and work together to enhance the security posture of communities, nations and the globe. more
A web domain name is the foundational piece of internet property allowing its owner (registrant) to construct and host an associated website. On a domain, the owner is also able to construct whatever subdomains they wish -- a process that is technically achieved via the configuration of records on the authoritative domain name system (DNS) server. more
During the 4th quarter of 2014, a record number of malware variants were detected -- an average of 255,000 new threats each day, according a recent report by Anti-Phishing Working Group (APWG). The group further reports that the number of unique phishing reports submitted to APWG during Q4 was 197,252 -- an increase of 18 percent from the 163,333 received in Q3 of 2014. more
Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more
Major US bank Capital One Financial Corporation confirmed Monday evening that unauthorized access was made by an outside individual who obtained "certain types of personal information" on credit card products and Capital One credit card customers. more
With the COVID-19 pandemic persisting, online shopping will be the preferred method for the 2020 holiday shopping season. While staying home to shop is the safest option right now, it means consumers are more vulnerable to online fraud, counterfeits, and cyber crime. Increased online activity provides opportunities for unscrupulous infringers to abuse trusted brand names to drive visitors to their own fraudulent content. more
Internet use has become ever more pervasive. With around five billion global users, it generates an economy of around 15% of global gross domestic product (GDP); that's around $15 trillion and is a figure that's growing 2.5 times faster than GDP itself. This makes the internet an attractive channel for infringers. Phishing and other fraud tactics, selling counterfeit goods online, and digital piracy are primary areas of concern. more
A few days ago, ABC News ran an "investigative" piece called "Group Probes Ease and Danger of Buying Steroids Online." ABC describes the "group" at issue as "an online watchdog," the Digital Citizens Alliance. That group determined that some of the millions of available YouTube videos encourage steroid use and that YouTube (which is owned by Google) places ads next to steroid-related videos and search results. They argue that Google and YouTube should be held legally responsible for any illegal content linked or posted. more
A World-Renowned Source for Internet Developments. Serving Since 2002.