M86 Security today released it's bi-annual security report for the first half of 2010, highlighting the evolution of obfuscation through combined attacks. From the report: "This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for 'covering their tracks' are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language - built into Adobe flash - and JavaScript components on the webpage, they limit the effectiveness of many of the the proactive security detection mechanisms in place today."
The EU's 'cyber security' Agency ENISA (The European Network and Information Security Agency) has launched a new report concluding that the EU should focus its future IT security research on five areas: cloud computing, real-time detection and diagnosis systems, future wireless networks, sensor networks, and supply chain integrity.
At a recent shareholders' meeting in Stockholm, Ericsson's CEO has reaffirmed company's vision of having 50 billion internet-connected devices by 2020: "Today we already see laptops and advanced handsets connected, but in the future everything that will benefit from being connected will be connected." As an example of connected devices, a research engineer showed real life mobile health applications and how heart monitoring can be done remotely over mobile networks.
OECD, Organization for Economic Co-Operation and Development, has released a report for policy makers assessing the level of IPv6 deployment around the world. "[T]he timely deployment of IPv6 by network operators and content/application providers is an increasing priority for all Internet stakeholders. In terms of public policy, IPv6 plays an important role in enabling growth of the Internet to support further innovation. In addition, security, interoperability and competition issues are involved with the depletion of IPv4."
Eric Schmidt, CEO of Google, was interviewed at Gartner Symposium on the future of the Web and enterprise computing. Eric said to about 5000 CIOs attending the event, that Chinese will soon be a dominant language on the net and broadband connections will be so fast that various forms of media -- such as radio and TV -- will be blurred.
In a joint statement released today by Eric Schmidt, Chairman and CEO of Google, and Lowell McAdam, President and CEO of Verizon Wireless, the two companies have expressed their support for making existing 'net neutrality' principles enforceable. The joint statement was published as a blog post late Wednesday on both Google and Verizon policy blogs.
In the midst of heavy demonstrations in the street of Iran against current regime and controversial election results, online activist have began organizing online attacks against government websites. Activists are asking supporters to use tools currently being spread via Twitter, Facebook, and other social networking sites to participate in the attack. However as one blogger writes, the attack might in fact back fire in a country like Iran where network infrastructure is relatively centralized...
Annual global IP traffic will pass two-thirds of a zettabyte in four years according the Cisco's Visual Networking Index report. The economic downturn has only slightly tempered traffic growth and the global IP traffic is expected to quintuple from 2008 to 2013. Cisco predicts IP traffic to grow at a compound annual growth rate (CAGR) of 40%.
In an article titled "A Cyber-Attack on an American City", Bruce Perens writes: "Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes serving the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported. That attack demonstrated a severe fault in American infrastructure: its centralization. The city of Morgan Hill and parts of three counties lost 911 service, cellular mobile telephone communications, land-line telephone, DSL internet and private networks, central station fire and burglar alarms, ATMs, credit card terminals, and monitoring of critical utilities..."
Network Solutions is having problems with "all" its name servers, according to their tech support and a recent post on North American Network Operators' Group (NANOG) mailing list indicates that it has been under very large-scale UDP/53 DDoS attack for the last 48 hour period. As a result, domain names hosted with Network Solutions' Worldnic have been affected. Network Solutions is one of the leading domain registrars and DNS hosting providers in the world, managing more than 7.6 million domain names.
In a 52 page security report released by Cisco, the company has confirmed what has been consistently been observed through out this year: "the Internet-based attacks are becoming increasingly sophisticated and specialized as profit-driven criminals continue to hone their approach to stealing data from businesses, employees and consumers." The 2008 edition of the report has specified the year's top security threats and offers recommendations for protecting networks against attacks that are propagating more rapidly, becoming increasingly difficult to detect, and exploiting technological and human vulnerabilities.
In a highly anticipated presentation, Internet security researcher Dan Kaminsky today gave details of the much talked about Domain Name System (DNS) vulnerability issue which has been intensely covered since it was publicly announced a month ago on Jul 8th. Although original plans entailed keeping the bug details undisclosed for 30 days in order to allow for necessary security patches to be implemented around the world, details of the bug were eventually leaked-and-confirmed 13 days after its public announcement. Even so, just hours ago in jam-packed ballroom during the Black Hat conference, Kaminsky delivered his 100-plus-slide presentation detailing the DNS flaw that, if exploited, could potentially "destroy the Web".