Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran's nuclear power plants, was a joint effort between the United States and Israel. The program began under former president George W. Bush and continued under President Obama. Last month, the Washington Post ran an article saying that the US and Israel collaborated in a joint effort to develop Flame and that work included Stuxnet. more
This morning M3AAWG announced the creation of the J.D. Falk award to recognize and honor people like J.D. who work to make the Internet safer for all users... J.D. was a legend in the abuse prevention world when I first started learning about spam and abuse prevention back in the late 90's. more
Reading Peter Olthoorn's book on Google (a link is found here), I ran into a passage on IP addresses. Where Google states that it does not see an IP address as privacy sensitive. An IP address could be used by more than one person, it claims. The Article 29 Working Party, the EU privacy commissioners, states that it is privacy sensitive as a unique identifier of a private person. It got me wondering whether it is this simple. Here is a blog post meant to give some food for thought and debate. I invite you to think about the question 'how private is an IP address'? more
The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more
In a blog post, Stewart Baker proposed restricting access to sophisticated anti-virus software as a way to limit the development of sophisticated malware. It won't work, for many different and independent reasons. To understand why, though, it's necessary to understand how AV programs work. The most important technology used today is the "signature" - a set of patterns of bytes - of each virus. Every commercial AV program on the market operates on a subscription model... more
Here we go again; another instance of really sophisticated spyware has been reported, a system that is "so complex and sophisticated that it's probably an advanced cyber-weapon unleashed by a wealthy country to wage a protracted espionage campaign on Iran". I won't get into the debate about whether or not it's really more impressive than Stuxnet, whether or not it's groundbreaking, or whether or not Israel launched it; let it suffice to say that there are dissenting views. I'm more interested in the implications. more
The world is abuzz this week with some flaming malware - well "Flame" is the family name if you want to be precise. The malware package itself is considerably larger than what you'll typically bump into on average, but the interest it is garnering with the media and antivirus vendors has more to do with the kinds of victims that have sprung up - victims mostly in the Middle East, including Iran - and a couple of vendors claiming the malware as being related to Stuxnet and Duku. more
The antivirus industry has been trying to deal with false positive detection issues for a long, long time - and it's not going to be fixed anytime soon. To better understand why, the physicist in me draws an analogy with Heisenberg's Uncertainty Principle - where, in its simplest distillation, the better you know where an atom is, the less likely you'll know it's momentum (and vice versa) - aka the "observer effect". more
Google has announced that it has started undertaking an effort to notify roughly half a million people whose computers or home routers are infected with a well-publicized form of malware known as DNSChanger. "After successfully alerting a million users last summer to a different type of malware, we've replicated this method and have started showing warnings via a special message that will appear at the top of the Google search results page for users with affected devices." more
Talking technical is easy. Distilling technical detail, complex threats and operation nuances down to something that can be consumed by people whose responsibility for dealing with cybercrime lays three levels below them in their organizational hierarchy is somewhat more difficult. Since so many readers here have strong technical backgrounds and often face the task of educating upwards within their own organizations, I figured I'd share 4 slides from my recent presentation that may be helpful in communicating how the world has changed. more
The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector. In an advisory issued last week, ICS-CERT said it has received information about targeted attacks and intrusions into multiple organizations over the past several months. more
Microsoft took down a Zeus botnet recently. Within days it was publicly accosted by Fox-IT's director Ronald Prins for obstructing ongoing investigations and having used Fox-IT's data. This was followed by the accusation that Microsoft obstructs criminal proceedings... On top of all this EU Commissioner Cecilia Malmström announced that cooperation between law enforcement and industry will be forged in the European Cyber Crime Centre as of 2013. Coincidences do not exist. Why? more
There has been a lot of talk about how the DNS can provide network-based security, and how DNS is in the best position to detect malware traffic before it does any harm. But what does this mean for end users? How does it make their online lives easier and more secure? DNS servers that are aware of sites that host malware, perform phishing activities (harvesting bank details, for instance) and other nefarious misbehaviors, can prevent end users from ever going to those sites. more
The sixth annual Counter-eCrime Operations Summit (CeCOS VI) will engage questions of operational challenges and the development of common resources for the first responders and forensic professionals who protect consumers and enterprises from the ecrime threat every day. This year's meeting will focus on the shifting nature of cybercrime and the attendant challenges of managing that dynamic threatscape. more
Global Payments, an Atlanta-based payment card processing firm, announced yesterday that they had suffered "unauthorized access into a portion of its processing system". Sometime in early March they uncovered the attack, and there are some indications that the breach occurred between January 21st and February 25th of this year... There are a number of unverified reports that a New York City street gang with Central American ties took control of "an administrative account that was not protected sufficiently". more
A World-Renowned Source for Internet Developments. Serving Since 2002.