Cybersecurity

Sponsored
by

Cybersecurity / Most Commented

VoIP/IP Telephony in Estonia: Disrupted by Botnets?

With my post earlier this month about the possibility of SIP botnets [also featured here on CircleID], I've had a number of people asking about more information and wondering about the possible impacts. And while I will write more on botnets in general, as far as the potential impact of "botnets" in general, one need only look over at the current situation in Estonia... Now, perhaps Russia is behind the attack... perhaps not. There are obviously much larger political issues going on between the two states. more

More on Broadband Router Insecurity and Being Proactive

Fergie replied on NANOG to my recent post on the subject of broadband routers insecurity: "I'll even go a step further, and say that if ISPs keep punting on the whole botnet issue, and continue to think of themselves as 'common carriers' in some sense -- and continue to disengage on the issue -- then you may eventually forced to address those issues at some point in the not-so-distant future..." He is right, but I have a comment I felt it was important - to me - to make. Not just on this particular vulnerability, but on the "war"... more

Ailing ETO-2002 and the Demise of PKI

The only Cyber law passed in Pakistan till date is the famous ETO-2002 (Electronic Transaction Ordinance - 2002). It required Ministry of IT&T to set up a Central Repository for all digital certificates and in addition to set up a body to be named as Electronic Certification Accreditation Council (ECAC) to accredit Electronic Certification Authorities to be established in the country... In this regard, government has not only closed its eyes and has blindly trusted the only certificate authority (CA) in the country operated by a private business group, it has also mandated the citizens and business to trust it. Case in point is Central Board of Revenue (CBR) that has told all taxpayers to digitally sign the emails using the certificates issued by this private party... more

Broadband Routers and Botnets: Being Proactive

In this post I'd like to discuss the threat widely circulated insecure broadband routers pose today. We have touched on it before. Today, yet another public report of a vulnerable DSL modem type was posted to bugtraq, this time about a potential WIRELESS flaw with broadband routers being insecure at Deutsche Telekom. I haven't verified this one myself but it refers to "Deutsche Telekom Speedport w700v broadband router"... more

Ready or Not… Here Come the IRC-Controlled SIP/VoIP Attack Bots and Botnets!

A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more

ICANN’s Last Call for Whois Comments

From "Last Call for Whois Comments", a recent opinion piece by eWeek's Security Center Editor Larry Seltzer: "It's not a good sign when the criminals and the lawyers are on the same side of an issue; there may be no good solution to the problems of Whois service rules. Who would have imagined that so much business and so much abuse would center around Internet domain names? Certainly not the designers of the system, including those of the Whois service, which reports on ownership and some other data on domain names... more

.XXX is Back on the Radar Screen

The DoC seems to have finally realized it went too far by using ICANN to serve the interests of some conservative groups, as mentioned in a previous post. The new story is now that the ICANN board did not reject the .XXX application as such, but only the agreement negotiated between ICM Registry and the ICANN staff at that time. How subtle these things are... more

Domain Name Resale Market a Haven for Phishers?

In a recent article at TechWeb, the following observations were made: "Internet addresses that appeal to identity thieves eager to rip off consumers are being posted by major domain resellers... Finnish-based F-Secure has identified more than 30 registered domain names for resale that would be of interest only to the legitimate holder of the trademark or to phishers..." more

League of Nations, United Nations, Next: United Cyber Nations

Though the "Techies" have been heavily involved in many initiatives like Internet Governance, Internationalized (Multi-lingual) Domain Names, Identity Management, Information Security, Access Rights Management etc., they still have to correctly apply the technologies at hand to be able to replicate many accepted norms that have matured in the physical world such as federated identities, non-repudiation, notarizing, witnessing, co-signing etc. more

The DNSSEC “Onus of Reality Check” Shifted to gTLD Administrations by ICANN

Last month, there was an exchange of letters between a gTLD administration and ICANN about DNSSEC deployment. This gTLD administration is PIR or Public Interest Registry, the gTLD administration for the .org TLD. Interestingly, PIR is a non-profit organization that makes significant contributions to ISOC (Internet Society) initiatives: thus, both ICANN and PIR are organizations dedicated to the well-being of the Internet. more

China Betting on IPv6 and First Mover Advantage

The United States' reluctance to invest in IPv6 makes it more likely that China will be in a position to gain the first-mover advantage it seeks. ...Liu Dong, president of the Beijing Internet Institute sums it up succinctly: "We think we can develop the killer applications," he says. China plans to show the rest of the world just how advanced its Internet is at the 2008 Olympics in Beijing. CNGI will control the facilities -- everything from security cameras to the lighting and thermostats -- at the Olympic venues, and events will be broadcast live over the Internet. Even the taxis in Beijing's snarled traffic will connect to CNGI via IPv6 sensors so that dispatchers will be able to direct their drivers away from congestion. more

Phishing: Competing on Security

The UK today is one of the main attack targets by phishing organized crime groups, globally. Phishing damages will amount to about two billions USD in 2006 worldwide -- not counting risk management measures such as preventative measures, counter-measures, incident response and PR damages. In most cases, phishing is caused by the fault of the users, either by entering the wrong web page, not keeping their computers secure or falling for cheap scams. Often this is due to lack of awareness or ability in the realm of Internet use rather than incompetence by the users... more

DNSSEC Deployment at the Root

The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more

Freedom to Connect

Over the last ten years, Andrew Odlyzko has been writing about a pricing algorithm that would assure reasonable service levels at reasonable prices. If you're going to F2C, you might want to read that brief article or this slightly more complex one to learn (or refresh your sense of) PMP -- Paris Metro Pricing models to deal with network congestion. You'll also get a sense of why throwing bandwidth at the network will not be sufficient. Here's a great article from 1995... more

Industry Updates

Tracing the Digital Footprint of Iran’s Mabna Hackers

Profiling the Massive Infrastructure Behind the Democratic National Committee Cyberintrusion

Is Your Software a Top Impersonation Target?

XCSSET Shows How Threat Actors Cope with OS Changes, Does Away with Python Like macOS

DIY Web Attacks Might Still Live on via WebAttacker

Exposing a Currently Active Ashiyane Digital Security Domain Infrastructure

What Is the Current State of Malicious PPI Businesses and Affiliate Networks?

From Counterfeiting to Phishing: Cybersquatting Properties Target Network Device Makers

Q2 2022 Domain Registration Trends Report

Is Monkeypox Following COVID-19’s (Digital) Footsteps?

WhoisXML API Expands DNS Database Coverage and Adds New Record Type

Have You Seen These Roaming Mantis Connected Artifacts Wandering into Your Phone?

Profiling the Threat Actor Known as “Hagga” and His Work

Beauty and the Beast: Are These Domains Possible Vehicles for Cosmetic Product Counterfeiting?

Are Threat Actors Intercepting Your OTPs? These Cyber Resources Might Be Helping Them