Cybersecurity |
Sponsored by |
A recent survey of US companies conducted by Proofpoint has found companies increasingly concerned over data leaks via emplyee misuse of email, blogs, social networks, multimedia channels and text messages. From the report: "[A]s more US companies reported their business was impacted by the exposure of sensitive or embarrassing information (34 percent, up from 23 percent in 2008), an increasing number say they employ staff to read or otherwise analyze the contents of outbound email (38 percent, up from 29 percent in 2008). The pain of data leakage has become so acute in 2009 that more US companies report they employ staff whose primary or exclusive job is to monitor the content of outbound email (33 percent, up from 15 percent in 2008)." more
Internet Systems Consortium (ISC) has announced that it is working with Afilias and Neustar, Inc. in the effort to support ISC's DNSSEC Look-aside Validation (DLV) registry by providing secondary DNS service for the DLV zone. DLV is a mechanism that provides many of the benefits of DNSSEC (short for DNS Security Extensions), enabling domain holders to secure their domain information today in advance of broader DNSSEC deployment and adoption. "Adding Afilias and Neustar as secondary DNS providers for the DLV zone demonstrates our collective understanding that DLV is a vitally important production service bigger than any single provider in the same way that there are 13 root server operators, not just one." more
US House officials have confirmed hackers breaching several websites belonging to House of Representatives members in the past week. Portions of the websites were replaced by digital graffiti which began earlier this month, according to zone-h. Brian Krebs of the Washington Post reports: "Rep. Spencer Bachus has sent a letter to the House's chief administrative officer, requesting more information about the attacks. Bachus cites information provided to him by Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham. Warner suggested that the break-ins at the House sites were caused not by password guessing [as reported initially], but by 'SQL injection,' an attack that exploits security weaknesses in Web server configurations." more
The Twitter micro-blogging service was knocked offline this morning for several hours as a result of a denial of service attack (DDoS). Twitter has confirmed and reported the attack in a post on its official blog earlier today: "We are defending against this [DDos] attack now and will continue to update our status blog as we continue to defend and later investigate." The company later reported that the service as been resumed but they are still continuing to defend against and recover from this attack. No further updates have been provided yet. more
Messaging Anti-Abuse Working Group (MAAWG) has issued the first best practices aimed at helping the global ISP industry work more closely with consumers to recognize and remove bot infections on end-users' machines. The paper outlines a three-step approach with recommendations for detecting bots, notifying users that their computers have been compromised, and guiding them in removing the malware. more
A team of developers including .SE (The Internet Infrastructure Foundation), LNetLabs, Nominet, Kirei, SURFnet, SIDN and John Dickinson have come together to create open source software, called OpenDNSSEC, to make it easier to deploy DNSSEC. Patrik Wallström, responsible for DNSSEC at .SE comments: "In order to spread the use of DNSSEC to an increased number of domain names, the management surrounding this technology must be simplified. Together with a number of collaborators, we're developing OpenDNSSEC. Leveraging our deployment experience, we will produce a well-packaged, easy-to-use and flexible DNSSEC tool that eliminates all manual procedures. Those in charge of name servers no longer need detailed knowledge about the protocol in order to use it." more
A recent survey of security professionals by RSA Conference with regards to critical security threats and infrastructure issues currently faced, revealed budgetary constrains as the top challenge currently faced. According to reports, the study suggests that even though practitioners are most concerned about email phishing and securing mobile devices, technologies addressing these needs are at risk of being cut from IT budgets. 72% percent of respondents indicated a rise in email-borne malware and phishing attempts since Fall 2008, with 57% stating they have seen an increase in Web-borne malware. Concerns about zero-day attacks and rogue employees as a result of layoffs were cited by 28% and 26% of survey respondents, respectively. more
A research paper commissioned by the International Commission on Nuclear Non-proliferation and Disarmament (ICNND) suggests that nuclear command and control systems are vulnerable to cyber terrorism. "Despite claims that nuclear launch orders can only come from the highest authorities, numerous examples point towards an ability to sidestep the chain of command and insert orders at lower levels," says the report. more
Security researches report seeing as much unique malware in the first half of 2009 as seen in all of 2008. "This is quite something when you consider that in 2008 we saw the greatest ever growth in malware," says David Marcus of McAfee Avert Labs. More specifically, Marcus in a blog post writes that the numbers add up to an average of 200,000 unique pieces malware monthly or more than 6,000 a day. "Bear in mind these are malware we consider unique (something we had to write a driver for) and does not count all the other malware we detect generically or heuristically... When you add in the generic and heuristic detections the number becomes truly mind boggling," writes Marucs. more
Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis), says that the source of recent cyberattack against US and South Korean government websites was not North Korea -- as widely reported -- but UK. Based on Bkis analysis, a report today by Nguyen Minh Duc says that a master server located in UK was found to control the 8 Command and Control servers responsible for the series of cyberattacks last week.
more
According to reports by German software security company G Data, since the beginning of summer, the malware community appears to have been scaling back its activities. This considerable reduction is, according to the estimates of G Data security expert Ralf Benzmüller, not solely due to the forthcoming holiday season. The global recession appears to have also hit the eCrime economy. "This phenomenon emerges every year as something new. At the start of the holiday season, the number of malware programs falls. One reason for this is the worldwide onset of the travel season, which, based on experience, causes a drop in the number of active Internet users. However, this does not explain a collapse of more than 30 percent," says Ralf Benzmüller. more
The Anti-Phishing Working Group (APWG) recently reported that the number of sites infecting PCs with password-stealing crimeware reached an all time high of 31,173 in December 2008 - an 827 percent increase from January. And according to a report just released by Trend Micro's Focus Report, 93 percent of data-stealing malware have been identified as Trojans in the first quarter of 2009. more
Recent study indicates that US continues to widen its lead as the number one country when it comes to hosting phishing sites. According to the latest Brandjacking Index just released by MarkMonitor, US-hosted phishing sites grew by ten percent from last quarter -- up from 36 percent to 46 percent. Canada is now at second position with 4.7 percent of all phishing attacks, followed by the Russian Federation (4.5 percent), France (4 percent), and Denmark (4 percent). more
In a blog post last week, Gary Warner, director of research in computer forensics at the University of Alabama's (UAB) computer and information sciences department, wrote that it is well past time for someone to declare a "Spam Crisis in China". The warning comes along with UAB's reports that most of the spam they receive has ties to China. "It is very normal that more than one-third of the domain names we see each day in spam messages come from China," Warner wrote. "When one also considers the many '.com' and '.ru' domain names which are also hosted in China, the problem is much worse. More than half of all spam either uses domain names registered in China, is sent from computers in China, or uses computer in China to host their web pages." more
While scanning its index, Google in the last two months reports to have found more than 4,000 different websites suspected of distributing malware by massively compromising popular websites. "Of these domains more than 1,400 were hosted in the .cn TLD. Several contained plays on the name of Google such as goooogleadsence.biz, etc.," says Google's security team member, Niels Provos, in a blog post today. more