Cybersecurity |
Sponsored by |
|
I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more
The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more
I recently wrote about the encouraging level of DNSSEC adoption among top-level domain name registries, and noted that adoption at the second level and in applications is an important next step for adding more security to the DNS. The root and approximately 20 percent of the top level domains are now signed; it is time for registrars and recursive DNS servers operated by the ISPs to occupy center stage. more
There has been a lot of talk, blogging, tweeting and press reportage about the Epsilon breach, but little in the way of concrete information to consumers as to where they stand, if their personal information (PII) such as their name and email address has been lost to criminals. The CAUCE Board of Directors have developed the following FAQ that provides facts and guidance for those affected by the breach. more
Phishing researcher Gary Warner's always interesting blog offers some fresh perspective on clicking links on emails, as the crux of the phishing problem. Gary writes: "There is a saying 'if you give a man a fish, he'll eat for a day, but if you teach a man to fish, he can feed himself for a lifetime.' In the case of the Epsilon email breach the saying might be 'if you teach a man to be phished, he'll be a victim for a lifetime.' In order to illustrate my point, let's look at a few of the security flaws in the business model of email-based marketing, using Epsilon Interactive and their communications as some examples." more
In a SecurityWeek article today, Ram Mohan writes: "Just over two years ago, the Internet held its breath. The high-profile, widely proliferated Conficker worm had been in the wild from October 2008; its largest mutation was revealed in February 2009, with a widely publicized activation date of April 1, 2009. ... What we do know: Conficker could have proved much more damaging than it ultimately did, and the threat has not entirely disappeared." more
DNS Security Extensions (DNSSEC) has been deployed for .COM, Internet's largest domain extension with more than 90 million registrations. The announced was made today by VeriSign, the registry operator for .COM. more
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more
In September 2009, the Obama Administration announced the Federal Cloud Computing Initiative. As the government's CIO explained, cloud computing "has the potential to greatly reduce waste, increase data center efficiency and utilization rates, and lower operating costs." The Federal Risk and Authorization Management Program (FedRAMP) addresses the key elements of a cloud computing framework for federal agencies. more
Over at the site V3.co.uk, they have an article up today alleging that since the Rustock takedown two weeks ago, the bagle botnet has moved to take over as the botnet that is responsible for sending the most spam. They have not replaced Rustock's total spam volume, only that they are now the number one spam sending botnet. more
The recent attack on the Comodo Certification Authority has not only shown how vulnerable the current public key infrastructure is, but also that the protocols (e.g., OSCP) used to mitigate these vulnerabilities once exploited, are not in use, not implemented correctly or not even implemented at all. Is this the beginning of the death of the PKI dragons and what alternatives do we have? more
On Wednesday 16 March the Serious Organised Crime Agency organised a meeting in London with the RIPE NCC. For the second time law enforcers from the whole world met with the RIPE NCC and RIPE community representatives to discuss cooperation. RIPE NCC staged several very interesting presentations that showed the LEAs the importance of the work done within RIPE and ARIN, the information RIPE NCC has and the relevance of all this to LEAs. Also issues were addressed that can potentially be harmful to future investigations. more
Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more
As a strong proponent of the private right of action for all Internet endpoints and users, I've long been aware of the costs in complexity and chaos of any kind of "blocking" that deliberately keeps something from working. I saw this as a founder at MAPS back in 1997 or so when we created the first RBL to put some distributed controls in place to prevent the transmission of unwanted e-mail from low reputation Internet addresses. What we saw was that in addition to the expected costs (to spammers) and benefits (to victims) of this new technology there were unintended costs to system and network operators whose diagnostic and repair work for problems related to e-mail delivery was made more complex because of the new consideration for every trouble ticket: "was this e-mail message blocked or on purpose?" more
A World-Renowned Source for Internet Developments. Serving Since 2002.