Cybersecurity |
Sponsored by |
On April 16th at 11:00pm GMT, the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy. The spam messages claim to contain news concerning the Boston Marathon bombing, reports Craig Williams from Cisco. The spam messages contain a link to a site that claims to have videos of explosions from the attack. Simultaneously, links to these sites were posted as comments to various blogs.
Neil Schwartzman writes to report that U.S. Cert issued Alert TA13-088A on Friday March 29, 2013. "It is a solid how-to guide to test for, and remediate DNS configurations that can be used for Distributed Denial of Service attacks."
Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers."
ICANN has released a set of guidelines to explain its Coordinated Vulnerability Disclosure Reporting. The guidelines serve two purposes, says ICANN: "They define the role ICANN will perform in circumstances where vulnerabilities are reported and ICANN determines that the security, stability or resiliency of the DNS is exploited or threatened. The guidelines also explain how a party, described as a reporter, should disclose information on a vulnerability discovered in a system or network operated by ICANN."
Distributed denial-of-service (DDoS) attacks that targeted U.S. financial institutions this week have reached 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks.
SANS has announced NetWars CyberCity, a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. NetWars CyberCity was developed to teach cyber warriors from the U.S. Military how online actions can have kinetic effects.
Security researchers have found a new variant of the Macadocs malware to be using Google docs as a proxy server and not connecting to a command and control server directly. In a blog post on Friday, Symantec researcher Takashi Katsuki, wrote...
A cooperative international report was released last week outlining Internet and mobile best practices aimed at curtailing malware, phishing, spyware, bots and other Internet threats. It also provides extensive review of current and emerging threats. "Best Practices to Address Online and Mobile Threats" is a comprehensive assessment of Internet security as it stands today...
Convincing competitors, disparate business entities and researchers to collaborate - many donating their services and resources - to protect millions of end-users worldwide is no small feat. Yet FBI Supervisory Special Agent Thomas X. Grasso did just that by quietly working behind the scenes to create the DNS Changer Working Group that saved an inestimable number of end-users from losing access to the Web over the last two years.
Kaspersky Lab Expert, Fabio Assolini, has provided detailed description of an attack which as been underway in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, affecting 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems.
Internet Society has released a paper today highlighting the importance of understanding what is important and unchanging about the Internet.
Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..."
In the past five years, cyber and telecommunications defence has left its niche market to become one of the fastest growing industries in the world. In 2011, governments, industry and ordinary computer users spent roughly £65 billion shoring up their computer networks, a figure that is predicted to double within five years.
The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials."
Google has announced that it has started undertaking an effort to notify roughly half a million people whose computers or home routers are infected with a well-publicized form of malware known as DNSChanger. "After successfully alerting a million users last summer to a different type of malware, we've replicated this method and have started showing warnings via a special message that will appear at the top of the Google search results page for users with affected devices."