As I read through multiple postings covering the proposed Computer Fraud and Misuse Act, such as the ever-insightful writing of Rob Graham in his Obama's War on Hackers or the EFF's analysis, and the deluge of Facebook discussion threads where dozens of my security-minded friends shriek at the damage passing such an act would bring to our industry, I can't but help myself think that surely it's an early April Fools joke. more
The Spamhaus Project just published a long article about the botnets they've been watching during 2014. As this chart shows, we're not making any progress. They also note that the goals of botnets have changed. While in the past they were mostly used to send spam, now they're stealing banking and financial information, engaging in click fraud, and used for DDoS and other malicious mischief. more
Anyone seeking to honor a groundbreaking contribution toward a better online world should submit a nomination for the 2014 M3AAWG J. D. Falk Award. Presented to people whose work on specific projects made the Internet a safer, more collaborative, more inclusive place, the J. D. Falk Award has recognized leaders and pioneers who saw elements of the online experience that needed improvement and took action to fix them. more
Google today revealed a new initiative, named Project Zero, with the objective to "significantly reduce the number of people harmed by targeted attacks." To carry out the project, Google is recruiting a team of experienced hackers - "practically-minded security researchers" - to contribute 100% of their time toward improving security across the Internet. more
A widespread compromise of consumer-grade small office/home office (SOHO) routers has been discovered by threat intelligence group Team Cymru. According to the report, "attackers are altering the DNS configuration on these devices in order to redirect victims DNS requests and subsequently replace the intended answers with IP addresses and domains controlled by the attackers, effectively conducting a Man-in-the-Middle attack." more
The holidays open up a block of time to catch up on "I meant to read that" bookmarks, RSS feeds, and all the favorited and forgotten tweets. I made it through 50 before a NormanShark blog post kicked off a research project. The analysts found a malware sample which was using .bit domains in their communications infrastructure, but .bit ... what is that? .bit is a TLD operating outside of ICANN. Some would say they are TLD squatting, but I leave that opinion up to the reader. more
Not long after the message that Microsoft will stop updating Windows XP from 8 April onwards, after extending it beyond the regular life cycle for over a year already, came the soothing message that malware will be monitored for another year. That may be good news to some, but the fact remains that this is not the same as patching. Remaining on XP leads to a vulnerable state of the desktop, lap top and any other machine running on XP; vulnerable to potential hacks, cyber crimes, becoming part of a botnet, etc. more
In 2010 the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and the Internet industry as a whole lost a great friend and supporter, Mary Litynski. Her dedication, excellence, perseverance and tireless work behind the scenes of M3AAWG helped make the organization the success that it is today. Through this award, M3AAWG seeks to bring attention to the remarkable work that is done far from the public eye over a significant period of time... more
Much of the discussion regarding mobile security revolves around the growing "pandemic" of mobile malware. It's not uncommon to see headlines reporting the discovery of large numbers of new malware samples. However, as Google recently pointed out, with quite a bit of data to support them, there's little discussion of real world impact of these discoveries. This raises a number of relevant questions. Is the average user likely to be infected? Where does this malware come from? These are questions that deserve analysis and thoughtful responses. more
Most people - mistakenly - believe that they are perfectly safe behind a firewall, network address translation (NAT) device or proxy. The fact is quite the opposite: if you can get out of your network, someone else can get in. Attackers often seek to compromise the weakest link in a network and then use that access to attack the network from the inside, commonly known as a "pivot-and-attack." more
The world of Internet threats has changed continually over the years. From the time that a "worm" first showed up in the wild, or whenever someone penetrated a system without authorization for the first time, various forms of attacks and malware have presented dangers to the system and those who use it. Different vectors have received varied focus over the years... Many parts of the Internet community have been involved in addressing relevant issues and fostering efforts to combat them. more
Today we publish an overview of domains registered through Domain Silver, Inc, a registrar operating in the .pl domain. This Registrar started operating in May 2012. Since that time, the CERT Polska team started to observe a large increase in the amount of malicious domains registered in .pl and to receive many complaints concerning domains registered through Domain Silver. more
As part of its Transparency Report, Google recently released large amount of data related to unsafe websites. Google groups unsafe websites into two main categories: Malware and Phishing sites. more
A bipartisan Commission recently produced a report titled, "The Report of the Commission on the Theft of American Intellectual Property". Karl Bode from dslreports.com writes... more
"We need to break down silos", is a phrase often heard in national and international meetings around cyber security and enforcing cyber crime. So it is no coincidence that at the upcoming NLIGF (Netherlands Internet Governance Forum), the IGF, but also an EU driven event like ICT 2013 have "Breaking down silos" and "Building bridges" on the agenda. But what does it mean? And how to do so? more