Threat Intelligence |
Sponsored by |
Anyone who reads the papers sees stories -- or hype -- about cyberwarfare. Can it happen? Has it already happened, in Estonia or Georgia? There has even been a Rand Corporation study on cyberwarfare and cyberdeterrence. I wonder, though, if real cyberwarfare might be more subtle -- perhaps a "cyber cold war"? more
According to reports, the majority of the U.S. federal domains have met the deadline to adopt an email authentication program to prevent fake emails from being sent. more
"Three years after Mirai first appeared, and two years after WannaCry, it shows that we still haven't solved the problems leveraged in those outbreaks," said F-Secure Principal Researcher Jarno Niemela. more
Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say "botnet", I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was). Rather, Zeus is a tool kit that online criminals can buy that lets them create phishing pages, perform fast fluxing, host drive-by downloads in addition to spamming. It's more like infrastructure than a botnet, although it does have a large botnet under its control. more
As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world. more
Mozilla was nominated as one of the three ISPAUK's 2019 Internet Villains for their proposed approach "to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK." more
Phishing, stealing personal information by impersonating a trusted organization, is a big problem that's not going away. Most antiphishing techniques to date have attempted to recognize fake e-mail and fake web sites, but this hasn't been particularly effective. A more promising approach is to brand the real mail and real web sites. more
Spam over Internet Telephony (SPIT) is viewed by many as a daunting threat. SPIT is much more fatal than email spam, for the annoyance and disturbance factor is much higher. Various academic groups and the industry have made some efforts to find ways to mitigate SPIT. Most ideas in that field are leaning on classical IT security concepts such as intrusion detection systems, black-/white-/greylists, Turing tests/computational puzzles, reputation systems, gatekeeper solutions, etc... We identified the lack of a benchmark testbed for SPIT as a serious gap in the current research on the matter, and this motivated us at the to start working on a first tool for that. more
As discussed in the several studies on name collisions published to date, determining which queries are at risk, and thus how to mitigate the risk, requires qualitative analysis. Blocking a second level domain (SLD) simply on the basis that it was queried for in a past sample set runs a significant risk of false positives. SLDs that could have been delegated safely may be excluded on quantitative evidence alone, limiting the value of the new gTLD until the status of the SLD can be proven otherwise. more
Pew Internet Project has released a report called "The Future of the Internet" based on a recently conducted survey where 1,286 internet experts are said to have looked at the future impact of the internet and assessed predictions about how technology and society will unfold. The following is and excerpt from the report predicting at least one devastating attack will occur in the next 10 years on the networked information infrastructure or the United States power grid. more
The Internet of today is awash with networking protocols, but at its core lie a handful that fundamentally keep the Internet functioning. From my perspective, there is no modern Internet without DNS, HTTP, SSL, BGP, SMTP, and NTP. Of these most important Internet protocols, NTP (Network Time Protocol) is the likely least understood and has the least attention and support. Until very recently, it was supported (part-time) by just one person. more
Previously, I wrote that the total amount of spam that we are seeing has seen a significant decline over the past year and a half. What does this mean in real terms? Are we finally winning the fight against spam? There are multiple angles. On the one hand, processing spam takes significant system resources... more
It shouldn't be a big surprise to hear that phishing is a big problem for banks. Criminals send email pretending to be a bank, and set up web sites that look a lot like a bank. One reason that phishing is possible is that e-mail has no built in security, so that if a mail message comes in purporting to be from, say, [email protected], there's no easy way to tell whether the message is really from bankofamerica.com, or from a crook. more
You won't go far with your cybersecurity when you're relying on the wrong intelligence. This is simply because not all types of threat intelligence are equal. You might have experienced this yourself; investing time and resources into just one only to receive meagre results in the end. Sadly, many organizations fail to realize that depending on just a single source of information is a big mistake. more
At the recent Anti-Phishing Working Group meeting in San Francisco, Rod Rasmussen and I published our latest APWG Global Phishing Survey. Phishing is a distinct kind of e-crime, one that's possible to measure and analyze in depth. Our report is a look at how criminals act and react, and what the implications are for the domain name industry. more