A sophisticated cybercrime group that has maintained an especially devious Trojan horse for nearly three years has stolen login credentials of close to 300,000 online bank accounts and almost as many credit cards during that time, according to reports released today by RSA FraudAction Research Lab. The spyware is called Sinowal Trojan, also known as Torpig and Mebroot. RSA reports that their findings are based on data collected on this Trojan over the course of almost three years -- including information regarding its design and its infrastructure. Findings indicate that this may be one of the most pervasive and advanced pieces of crimeware ever created by fraudsters, say RSA experts.
In follow up to reports on ICANN's termination of notorious domain name registrar, EstDomains due to fraudulent activities, the Internet oversight agency is now preparing to transfer domain names of its customers to other registrars... However the question asked by experts is whether any other registrar would have an interest in inheriting EstDomains questionable domain names.
Alternate DNS root server, the Open Root Server Network (ORSN) is shutting down. The project which began almost six years ago, is set to close at midnight on the last day of 2008. The following is part of the official statement released for the closure: Since start of operation in 2002 ORSN was a political alternative to ICANN/IANA operated root server network. It was also well known for technical innovation by providing IPv6 support before it was introduced in the ICANN/IANA operated root servers..."
In follow up to its earlier announcement this year regarding the relaxation of rules for the introduction of new Top-Level Domains, the Internet Corporation for Assigned Names and Numbers (ICANN) yesterday released a draft version of the Applicant Guidebook for those interested in applying for a new generic Top-Level Domain (gTLD). Although application comes with a hefty entry fee of close to $200,000, the development of new gTLD introductions will be of particular interest to trademark owners as well as any other company involved with domain names. Among various issues, the guidebook aims at addressing concerns such as who would qualify for '.apple' or '.amazon' gTLDs.
Earlier this month, Google officially opened its new data center in South Carolina which was first reported during April of 2007 when the company announced its plans to invest $600 million in the project. This data center is one of the four new data center projects announced by Google last year with other locations being Lenoir, North Carolina; Council Bluffs, Iowa and Pryor, Oklahoma.
Web security company, ScanSafe reports that, in the past quarter, companies in the Energy industry faced the greatest risk of Web-based malware exposure, at a 196% heightened risk compared to other verticals. The Pharmaceutical and Chemicals industry faced the second highest risk of exposure at 192% followed by the Construction & Engineering industry at 150%. The Media and Publishing industry were also among those at highest risk, with a 129% heightened risk compared to other verticals.
The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released today a new action guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack. In 2004, the Congressional Research Service estimated the annual economic impact of cyber attacks on businesses -- which can come from internal networks, the Internet or other private or public systems -- to be more than $226 billion. In 2008, U.S. Department of Homeland Security Secretary Michael Chertoff named cyber risks one of the nation's top four priority security issues.
During a presentation today at the eCrime Researchers Summit in Atlanta, Georgia, security researchers revealed that average lifetime of malicious websites are often longer than they should be due to lack of communication and cooperation between security vendors. According to results, website lifetimes are extended by about 5 days when "take-down" companies -- often hired by Banks -- are unaware of the site. "On other occasions, the company learns about the site some time after it is first detected by someone else; and this extends the lifetimes by an average of 2 days," says Richard Clayton.
Georgia Tech Information Security Center (GSTISC) today held its annual Security Summit on Emerging Cyber Security Threats and released the GTISC Emerging Cyber Threats Report for 2009, outlining the top five areas of security concern and risk for consumer and enterprise Internet users for the coming year... According to the report, data will continue to be the primary motive behind future cyber crime-whether targeting traditional fixed computing or mobile applications. "It's all about the data," says security expert George Heron -- whether botnets, malware, blended threats, mobile threats or cyber warfare attacks.
In the upcoming Internet Measurement Conference being held next week in Vouliagmeni, Greece, a team of six researchers will be presenting a paper called "Census and Survey of the Visible Internet," based on a comprehensive census of more 2.8 billion allocated IP addresses on the Internet. The research is claimed to be the first comprehensive census of its kind in more than two decades.
Vint Cerf, Google’s Chief Internet Evangelist who is also credited as the co-founder of the Internet, has endorsed U.S. presidential candidate Barack Obama in a YouTube video submitted to AVoteForScience channel. In the video, Cerf discusses the importance of Net Neutrality (NN) and the fact that Obama is the candidate that supports NN. The following excerpt is a portion of what Cerf says in the video...
U.S. authorities announced today that they have shut down one of the largest spam operations in the world, an extensive network with ties to Australia, New Zealand, India, China and the United States. The group, dubbed 'HerbalKing' by spam fighting organizations, had been active as far back as 2005 and became notorious as the number one worst spam gang on the Internet for much of 2007 and 2008 according to Spamhaus, a non-profit anti-spam research group.
Regular readers of this site would be familiar with the ongoing legal battles involving the practice of typosquatting; the registration of misspelled domain names of well know brands with the intention of making a profit. Taking advantage of the fact that millions of online users mistype addresses of websites they intend to visit, typosquatters register common misspelled versions of popular sites and make money by displaying ads. Google's AdSense for Domains (AFD) program, often used for displaying such ads, has been particularly targeted by trademark owners which according to McAfee's SiteAdvisor, serves ads on more than 80% of typosquatting sites recently uncovered.
During a conference, "Internet of Things," in France, the U.S. Department of Commerce made the announcement that it will hold a public consultation on the different proposals to cryptographically sign the DNS root zone file, and determine who will hold the root zone trust anchor for global DNSSEC implementation, says Milton Mueller on the Internet Governance Forum blog. The blog, titled "Commerce Department asks the world to comment on its plans to retain control of the root," continues...
New analysis from Frost & Sullivan research firm suggests that the IPTV subscriber base in Asia-Pacific -- covering 13 countries -- reached 4.1 million in 2007 and estimates this number to reach 22.4 million by the end of 2013, at a CAGR (compound annual growth rate) of 32.7 percent (2007-2013). Of the 13 countries, eight had commercial IPTV services in 2007, while the rest are conducting trials for expected deployments from 2009 onwards, according to the report. "Many service providers feel the urge to launch IPTV services as a defensive strategy to increase their 'n-play' offerings with one more service."