Cybersecurity

Sponsored
by

Cybersecurity / Most Commented

Air Travel Security: Practical Industry Suggestions From Us

I am just a security guy, as are many others who will read this. Perhaps it is time us "simple" security guys got together and wrote some recommendations for air travel security? Get out your voice out there as an organized professional group which can in turn lobby for our professional recommendations... Here are mine, just to get the ball rolling... more

Project Honey Pot: 1 Billion Spammers Served

Coen Dijkgraaf writes: "Project Honey Pot is a community of tens of thousands of web and email administrators from more than 170 countries around the world who are working together to track online fraud and abuse. The Project has been online since 2004 and each day receives millions of email and comment spam messages which are catalogued and shared with law enforcement and security partners. On Wednesday, December 9, 2009 at 06:20 (GMT) Project Honey Pot received its billionth email spam message. For the full article and some intersting statistics about spamming, see 1 Billion Spammers Served." more

Cyber Terrorism Is a Real Threat, and for the First Time Both Russia and the US Acknowledge It

Eugene Kaspersky, CEO and co-founder of Internet security giant Kaspersky Lab said last week that "terrorists could build a botnet that could bring down the entire Internet structure". Mr. Kaspersky ended his speech with the statement that "a global cyber police force, and global cooperation between law enforcement agencies and governments is needed". This goes very much in accordance with some of the conclusions in the Cyberspace Policy Review more

Online Drug Traffic and Registrar Policy

Last month I published an article called "What's Driving Spam and Domain Fraud? Illicit Drug Traffic" which explained how the many of the troublesome online crime issues are related to the online sale of narcotics and dodgy pharmaceuticals. Since this article was published we have witnessed one of the largest international law enforcement efforts against online drug traffic (Operation Pangea II)... more

Vietnam Primary Source of Spam in November

Vietnam is now responsible for more than 10% of the worlds spam, according to threat analysis from managed security firm, Network Box. November saw malware threat levels remain consistently high with Vietnam taking the number one spam spot from last month’s chart topper, Brazil. more

2009 Domain Name Year in Review

To say that it's been quite a year in the world of domain names would be an understatement. From compromised country code Top-Level Domains (ccTLD) registries, to the delay of new generic Top-Level Domains (gTLDs), some of the events of the past year have been surprising, while others could easily have been predicted. Regardless of whether you could have seen these coming, please find below my list of 2009's most important domain name events...at least, as I see them. more

Information Warfare Publicly Admitted, No Longer Just a Tool for Espionage

Gadi Evron reporting today on Dark Reading: "A National Journal Magazine article called "The Cyberwar Plan" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however. The article describes several issues and that in my opinion confuses what matters..." more

Announcement: Critical Internet Infrastructure WG is Now Open to Public Participation

ISOTF Critical Internet Infrastructure WG is now open to public participation. The group holds top experts on internet technology, critical infrastructure, and internet governance, from around the globe. Together, we discuss definitions, problems, challenges and solutions in securing and assuring the reliability of the global internet infrastructure, which is critical infrastructure for a growing number of nations, corporations and indeed, individuals -- world wide. more

DNS Survey Results Pandora’s Box of Both Frightening and Hopeful Results, Says Cricket Liu

The fifth-annual survey of domain name servers (DNS) on the public Internet -- called a "Pandora's box of both frightening and hopeful results" -- was released today by The Measurement Factory in partnership with Infoblox. more

60 Minutes Investigates Cybersecurity and the Reality of Sabotaging Critical Infrastructure

CBS's 60 Minutes aired a special report last night investigating how hackers can get into the computer systems that run crucial elements of the world's infrastructure, such as the power grids, water works or even a nation's military arsenal. From the report: "At the Sandia National Laboratories, Department of Energy security specialists like John Mulder try to hack into computer systems of power and water companies, and other sensitive targets in order to figure out the best way to sabotage them. It's all done with the companies' permission in order to identify vulnerabilities. In one test, they simulated how they could have destroyed an oil refinery by sending out code that caused a crucial component to overheat." more

Study Finds Spain Most Bot-Infected Country, Sweden Among Least Infected

According to a recent security report, Spain and the United States are the leading countries when comes to bot-infected computers. Based on data compiled from October by PandaLabs, the research arm of Panda Security, an alarming 44.49% of computers in Spain are infected with bots and United States -- a long way behind -- at 14.41%, followed by Mexico 9.37% and Brazil 4.81%. Countries least infected include Peru, the Netherlands and Sweden, all with ratios under 1 percent. more

Security Researchers Find Serious Vulnerability in SSL

Sophie Curtis of eWeek reports: "Researchers have discovered a hole in the secure sockets layer (SSL) protocol, enabling man-in-the-middle attackers to hack into secure applications despite traffic encryption. According to security researcher Chris Paget, hackers can exploit this flaw by breaking into shared hosting environments, mail servers and databases, and inserting text into encrypted traffic as it passes between two end users. This could lead to fragmentation of SSL transactions, giving hackers the opportunity to inject false commands such as password resets into communications which are otherwise encrypted." more

US Opens Unified Cyber Security Command Centre

Department of Homeland Security (DHS) Secretary Janet Napolitano today opened the new National Cybersecurity and Communications Integration Center (NCCIC) — a 24-hour, DHS-led coordinated watch and warning center that will improve national efforts to address threats and incidents affecting the nation's critical information technology and cyber infrastructure. more

Longevity of Phishing Websites Dropped by 25% Since Last Year, Study Finds

A new phishing survey released by the Anti-Phishing Work Group (APWG) reveals that the longevity of phishing Web sites dropped by 25 percent over the last year. The survey has also revealed that a single criminal syndicate dubbed "Avalanche" was responsible for nearly one quarter of all phishing attacks in the first half of 2009. Indications are that the gang is continuing to claim a larger proportion of all detected phishing attacks. more

Bill C-27: Historic Canadian Anti-spam Legislation Battered, But Still Unbeaten

As readers of CircleID have seen, there has been a lot of activity (for example, Michael Geist's "Canadian Marketing Association Attacks Anti-Spam Bill"), as the final votes of C-27 grow nearer. The history towards getting a spam law passed in Canada has been a long one. For years, CAUCE encouraged legislators to undertake this important work... Fast forward a few years, and a few governments, and suddenly we have a law tabled in the House of Commons... more