Cybersecurity

Sponsored
by

Cybersecurity / Most Viewed

Dish Network Confirms Network Outage Was a Cybersecurity Breach Impacting Customers and Employees

The satellite television provider, Dish Network is currently dealing with a cybersecurity incident that has affected its internal networks, customer support systems, and websites such as boostinfinite.com and dish.com. It is currently investigating the incident and has confirmed certain data was extracted from its IT systems as a result. more

Apparently Legitimate Estonian ISP Operating as Large Cybercrime Hub Since 2005

An apparently legitimate ISP in Tartu, Estonian is reported to have been serving as the operational headquarters of a large cybercrime network since 2005 according to TrendWatch, the security research arm of TrendMicro. "An Estonian company is actively administering a huge number of servers in numerous datacenters, which together form a network to commit cybercrime. It appears that the company from Tartu, Estonia controls everything from trying to lure Internet users to installing DNS changer Trojans by promising them special video content, and finally to exploiting victims' machines for fraud with the help of ads and fake virus infection warnings..." more

Study Finds Spain Most Bot-Infected Country, Sweden Among Least Infected

According to a recent security report, Spain and the United States are the leading countries when comes to bot-infected computers. Based on data compiled from October by PandaLabs, the research arm of Panda Security, an alarming 44.49% of computers in Spain are infected with bots and United States -- a long way behind -- at 14.41%, followed by Mexico 9.37% and Brazil 4.81%. Countries least infected include Peru, the Netherlands and Sweden, all with ratios under 1 percent. more

Cyber Threats Accelerate: 94% of Web Browser Exploits Occur Within 24 Hours of Disclosure

Today X-Force, IBM's security research and development arm, released its 2008 Midyear Trend Statistics report that indicates cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers are putting more systems, databases and ultimately, people at risk of compromise. more

APWG: The Internet Has Never Been More Dangerous

Anti-Phishing Working Group (APWG) released its latest Phishing Activity Trends Report today warning that the number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement. "The number of hijacked brands ascended to an all-time high of 310 in March and remained, in historical context, at an elevated level to the close of the half in June," says the report. more

Policy Review: Botnets are eWMD, electronic Weapons of Mass Destruction

The latest issue of Policy Review from the Hoover Institution, a public policy research center -- focused on advanced study of politics, economics, and political economy -- has an essay titled eWMDs – electronic weapons of mass destruction. The Policiy Review readers are warned that botnets should be considered a serious security problem and that "cyber attacks present a grave new security vulnerability for all nations and must be urgently addressed." more

Security Against Election Hacking - Part 2: Cyberoffense Is Not the Best Cyberdefense!

State and county election officials across the country employ thousands of computers in election administration, most of them are connected (from time to time) to the internet (or exchange data cartridges with machines that are connected). In my previous post I explained how we must audit elections independently of the computers, so we can trust the results even if the computers are hacked. more

Global Cyberattack Hits Several US Federal Agencies

Multiple US federal agencies are grappling with a global cyberattack exploiting a flaw in the widely-used MOVEit software. The US Cybersecurity and Infrastructure Security Agency (CISA) is working closely with the affected agencies to understand the impact and expedite remediation efforts. more

Can Zero Trust Security Put an End to Human Security Weaknesses?

How bad is the human security weakness problem? Verizon's 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement. This involvement can mean misconfigurations, poor security policy implementation, negligence, and falling prey to social engineering schemes. Essentially, a vast majority of data breaches have penetrated cyber defenses because of human carelessness, inconsistencies, and gullibility. more

FBI Pushing Enforcement Action Against Money Mules

Brian Krebs reporting on the Krebs on Security blog: "The FBI's top anti-cyber crime official today said the agency is planning a law enforcement action against so-called 'money mules,' individuals willingly or unwittingly roped into helping organized computer crooks launder money stolen through online banking fraud." more

Recursive DNS and You

In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. Recursion disabled servers, when asked to resolve a name, will only answer for names that they are authoritative for. It will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over... more

Security Researchers Uncover Cyber Espionage Network Invloving 103 Countries

A report released over the weekend by Information Warfare Monitor along with an exclusive story by the New York Times, revealed a 10-month investigation of a suspected cyber espionage network (dubbed GhostNet) of over 1,295 infected computers in 103 countries. 30% of the infected computers are labeled as high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. Greg Walton, editor of Information Warfare Monitor and a member of the Toronto academic research team that is reporting on the spying operation, writes... more

U.S. Slammed as Major Host for Cybercrime

While Russia and Ukraine are generally regarded as today's main cybercrime hubs, "a lot of their infrastructure is housed in the west, in the United States to be precise," writes Vincent Hanna of Spamhaus Project. "Without exception, all of the major security organizations on the Internet we know of agree that the 'Home' of cybercrime in the western world is a place known as Atrivo/Intercage. We ourselves have not come to this conclusion lightly but from many years of dealing with criminal operations hosted by Atrivo/Intercage, gangs of cybercriminals -- mostly Russian and East European but with several US online crime gangs as well -- whose activities always lead back to servers run by Atrivo/Intercage..." more

Cameras, DVRs Used for Massive Cyberattack on French Hosting Company and Others

"Hackers infect army of cameras, dvrs for massive internet attacks," reports Drew Fitzgerald in the Wall Street Journal. more

Schneier: “Someone Is Learning How to Take down the Internet”

"Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet," wrote renowned security expert, Bruce Schneier, in a piece published in Lawfare. more