Cybercrime

Latvian ISP Closure Dents Cutwail Botnet ...for a Whole 48 Hours

From MessageLabs' latest report: "Real Host, an ISP based in Riga, Latvia was alleged to be linked to command-and-control servers for infected botnet computers, as well as being linked to malicious websites, phishing websites and 'rogue' anti-virus products. Real Host was disconnected by its upstream providers on 1 August 2009. The impact was immediately felt, where spam volumes dropped briefly by as much as 38% in the subsequent 48-hour period. Much of this spam was linked to the Cutwail botnet, currently one of the largest botnets and responsible for approximately 15-20% of all spam. Its activity levels fell by as much as 90% when Real Host was taken offline, but quickly recovered in a matter of days." more

Coronavirus Online Threats Going Viral, Part 2: Marketplaces

In the midst of the coronavirus crisis and the partial or total quarantines happening around the world, more people are turning to eCommerce for their purchases. This, combined with the increased demand for healthcare and healthcare-related products, is causing surges of activity on online marketplaces. Perhaps least surprising is the growth in the number of listings for cleaning and hygiene products (e.g., hand sanitizer), as well as facemasks... more

Concerns Over America’s WiFi Router Ban

America's FCC has barred new foreign-made consumer routers on security grounds, tightening supply for ISPs and households while raising costs and risking technological lag unless domestic manufacturing or approvals quickly expand in coming years significantly. more

Africa’s AI Governance Crisis Is Not a Regulatory Gap, It Is a Sovereignty Emergency

Africa's looming AI rules expose a deeper problem: foreign-controlled infrastructure, weak enforcement capacity and externally governed data flows are eroding digital sovereignty, leaving states unable to regulate, protect citizens or meet global obligations. more

Longevity of Phishing Websites Dropped by 25% Since Last Year, Study Finds

A new phishing survey released by the Anti-Phishing Work Group (APWG) reveals that the longevity of phishing Web sites dropped by 25 percent over the last year. The survey has also revealed that a single criminal syndicate dubbed "Avalanche" was responsible for nearly one quarter of all phishing attacks in the first half of 2009. Indications are that the gang is continuing to claim a larger proportion of all detected phishing attacks. more

The AI Effect: Why Brand Impersonation Is Becoming Industrialised

Generative AI has turned brand impersonation from a nuisance into an industrial-scale threat, eroding trust. As ICANN's 2026 round approaches, DotBrand domains promise a structural fix to spoofing that strategies failed to deliver in 2012. more

Five Things the UN Permanent Mechanism on Cybersecurity Must Actually Deliver

The UN's new permanent cybersecurity mechanism promises continuity after decades of fleeting forums, yet risks irrelevance unless states enforce existing law, bridge cybercrime divides, address AI threats, build practical capacity, and include non-state expertise meaningfully. more

How Bad Actors Are Leveraging DNS: Looking at the Latest Trends

Bad actors are exploiting DNS with growing sophistication. New domains dominate threat infrastructure, daily user exposures are rising, and AI is accelerating attack creation, making DNS intelligence an increasingly critical early-warning system for modern cyber defence. more

Securing Africa’s Digital Future: Why Cybersecurity Must Lead Digital Transformation

Africa's rapid digital expansion, from fintech to e-government, is outpacing its cybersecurity capacity, leaving critical systems exposed and trust at risk unless governments embed security as a core pillar of development across the continent today. more

Trusted Notifier Network (TNN) Core Concept 1: Unfair Cost Transfer and Reversal of Commercial Best

A flawed abuse-response system shifts costs from perpetrators to intermediaries, overwhelming enforcement. The Trusted Notifier Network seeks to realign incentives, curb low-quality reporting, and restore efficiency by embedding trust, accountability, and cost redistribution. more

Africa’s Digital Transformation Is Outpacing Its Cybersecurity Governance

Africa's digital boom is accelerating, but safeguards lag. Governments and firms deploy systems at speed, while weak enforcement and fragmented oversight leave economies exposed to mounting cyber risks. more

The Growing Role of Threat Intelligence in Internet Infrastructure Security

Threat intelligence is shifting from a passive feed to a core operational layer, helping infrastructure defenders connect fragmented signals, identify recurring attack patterns, and prioritise responses in an increasingly modular and fast-moving cybercrime ecosystem. more

Steven Bellovin Takes Aim at Cybersecurity Myths in New Book

Cybersecurity pioneer Steven Bellovin's new book strips away jargon and outdated online-safety advice, offering ordinary users practical guidance on passwords, phishing, privacy and digital habits in an era of constant cyber threats and increasingly sophisticated scams. more