Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
The Sunday Herald reported on Sunday that Best Western was struck by a trojan attack that lead to the possible compromise of about 8 million victims. There is some debate as to the extent of the breach and not a small amount of rumor going around. I'm not entirely disposed to trust corporate press releases for the facts, nor am I going to blindly accept claims of security researchers whose first call is to the PR team when discovering a problem. That said, here is what seems to be the agreed upon facts... more
Following in the footsteps of Lethic, Waledac and Mariposa, yet another botnet has been taken offline. Not completely, though, it was only a partial disconnect. The Zeus botnet, also known as Zbot, is a trojan password stealer that captures passwords and sends them to the attacker. more
In part two of The [Dot] Brand Tribes we argued that introducing new branded generic Top-Level Domains (gTLDs) would bring value to brand owners and have positive effects on customer recognition. In this last post we'll continue that theme and talk about how brand owners can come together to provide shared spaces using the banking industry as an example. more
Recent study indicates that US continues to widen its lead as the number one country when it comes to hosting phishing sites. According to the latest Brandjacking Index just released by MarkMonitor, US-hosted phishing sites grew by ten percent from last quarter -- up from 36 percent to 46 percent. Canada is now at second position with 4.7 percent of all phishing attacks, followed by the Russian Federation (4.5 percent), France (4 percent), and Denmark (4 percent). more
Under a draft legislation approved by the Internal Market and Consumer Protection Committee on Tuesday, national enforcement authorities would be required to have a set of powers to detect and halt online breaches of consumers' rights across the European Union. more
Negotiations for a U.N. cybercrime convention have reached a critical stage at the fourth round of discussions in Vienna. Delegates from over 150 states have met for over 100 hours to discuss the proposed convention, which has been met with skepticism from some states, nongovernmental organizations, and other stakeholders more
In this part I want to focus on the gathering of cyber crime data. Are there best practices in the world on how cyber crime data is reported to law enforcement and aggregated to show the impact of said crime? Previously the discussion focused on the fact that cyber crime = crime and on a basic cyber (crime) training for every police officer. From the reactions this received, it is clear that some people see this as a possible solution. more
A recent study suggests Rustock and Xarvester malware provided the most efficient spambot code, enabling individual zombie computers to send 600,000 spam messages each over a 24 hour period. "Over the past few years, botnets have revolutionized the spam industry and pushed spam volumes to epidemic proportions despite the best efforts of law enforcement and the computer security industry. Our intention was to better understand the origins of spam, and the malware that drives it," said Phil Hay, senior threat analyst, TRACElabs (a research arm of security company Marshal8e6)... more
Afghanistan's President Ashraf Ghani has signed into law a cybercrime bill this week targeting online crime and militancy by groups such as the Taliban and Islamic State despite concerns it could limit free speech. more
There are new threats that you may have already been exposed to. Here are some of the new threats and advice on how to protect yourself. During this pandemic, Zoom has emerged as a very popular teleconferencing choice for companies and educational institutions, but a new weakness for Zoom was also discovered. Some online conferences and classes that had not password protected their sessions fell victim to eavesdroppers using the screen sharing feature to "Zoom Bomb" those sessions with graphic images. more
Brian Krebs reporting in Krebs on Secruity: "The Obama administration is inviting leaders of the top Internet domain name registrars and registries to attend a three-hour meeting at the White House next month about voluntary ways to crack down on Web sites that are selling counterfeit prescription medications..." more
J. Nicholas Hoover reporting in InformationWeek: "The White House on Wednesday issued an update of the Obama administration's ongoing cybersecurity work, detailing some of the steps being taken in an effort to secure the nation's networks against cyber attacks and in the process offering some new insight into the administration's future plans. The progress report, issued immediately after a meeting held by White House cybersecurity coordinator Howard Schmidt with agency secretaries, cybersecurity experts..." more
A new study has been released by Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th President that looks into cybersecurity manpower challenges in the United States. The report titled, "A Human Capital Crisis in Cybersecurity," is produced by CSIS - a bipartisan public and foreign policy think tank in Washington. more
Pawn Storm, also known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM, is a cyber espionage organization operating for over a decade which has been particularly aggressive in the past few years. more
Talking technical is easy. Distilling technical detail, complex threats and operation nuances down to something that can be consumed by people whose responsibility for dealing with cybercrime lays three levels below them in their organizational hierarchy is somewhat more difficult. Since so many readers here have strong technical backgrounds and often face the task of educating upwards within their own organizations, I figured I'd share 4 slides from my recent presentation that may be helpful in communicating how the world has changed. more
A World-Renowned Source for Internet Developments. Serving Since 2002.