News Briefs

Latest

Targeted Social Engineering Attacks Against Corporations Reach Record Levels

A recent report by iDefense Labs estimates that there have been 66 distinct spear phishing attacks between February 2007 and June 2008, with the rate of attacks continuing to accelerate. Spear phishing groups have claimed more than 15,000 corporate victims in 15 months, with victim losses exceeding $100,000 in some cases. Victims include Fortune 500 companies, financial institutions, government agencies, and legal firms. more»

Just a Matter of Time Before DNS Attack Code Might Surface

One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon. Several hackers are almost certainly already developing attack code for the bug, and it will most likely crop up within the next few days, says one security expert. The author of one widely used hacking tool said he expected to have an exploit by the end of the day Tuesday. more»

Notorious Spam King Gets 4 Years in Prison

Robert Soloway, dubbed the "Spam King", who was charged with defrauding people through tens of millions of spam has been given four years in prison for mail fraud, electronic mail fraud, and failing to file a tax return. According to recent reports, federal prosecutors allege that from November 2003 to May 2007, Soloway sent tens of millions of email messages to advertise his company, which offered software to send out broadcast emails. For $495 customers could have an ad sent to 20,000,000 emails, or receive software allowing them to send up to 80,000,000 e-mails. Judge Marsha Pechman said laws governing Spam are very new territory for the courts, and the CAN-SPAM Act allows for only a maximum sentence of only five years. more»

DNS Security Flaw Secret Leaked Prior to Set Date: Patch DNS as Fast as Possible

In what seems to have started with a blog post by reverse engineer Halvar Flake, and subsequent blog postings from other experts in the know, the details of the recently announced DNS vulnerability was quite likely made public today. The DNS flaw was found earlier this year by security researcher Dan Kaminsky and earlier this month announced publicly along with various tools and patches provided by numerous vendors... more»

Comcast Proposes Its IPv6 Transition Solution to IETF, Invites ISPs to Participate

Comcast, the largest cable operator in the U.S., is reported to have developed an innovative approach for gradually migrating its customers to IPv6. The company has 24.7 million cable customers, 14.1 million broadband customers and 5.2 million voice customers. The solution dubbed Dual-Stack Lite, is backwards compatible with IPv4 and can be deployed incrementally according the company. Comcast has submitted this proposal to the Internet standards body, Internet Engineering Task Force (IETF) which has scheduled a review during the upcoming IETF meeting in Dublin later this month. From the Comcast document submitted to IETF... more»

U.S. Comprehensive National Cybersecurity Initiative Single Largest Fund for 2009

Walter Pincus of The Washington Post is reporting that President Bush's single largest request for funds and "most important initiative" in the fiscal 2009 intelligence budget is for the Comprehensive National Cybersecurity Initiative, a little publicized but massive program whose details "remain vague and thus open to question," according to the House Permanent Select Committee on Intelligence. CNCI or "Cyber Initiative" is a highly classified, multiyear, multibillion-dollar project designed to develop a plan to secure government computer systems against foreign and domestic intruders and prepare for future threats. "It is no longer sufficient for the U.S. Government to discover cyber intrusions in its networks, clean up the damage, and take legal or political steps to deter further intrusions," says Director of National Intelligence Mike McConnell. more»

Amazon's S3 Cloud Service Goes Down for Several Hours

Amazon's S3 system, which provides a pay-as-you-use processing service, died briefly at the weekend, and with it went many services that had hung their hat on it -- such as the organize-your-business company 37Signals, image caching by Twitter, and many iPhone apps, reports Charles Arthur of the Guardian. One of the things that makes the online storage service, Amazon S3, particularly useful for start-ups and heavy users is that it ties in with other Amazon Web Services like the elastic computing cloud and its SimpleDB service. Using all three services relieves start-ups from some of the tasks that generally would require significant time and money up front. more»

Website of Georgian President Under Attack, Political Motivation Suspected

For over 24 hours the website of President Mikhail Saakashvili of Georgia, a former Soviet republic, has been down as a result of a distributed denial of service (DDoS) attack. This attack appears to have a political motivation, says Jose Nazario of Arbor Neworks. "Tensions between Russia and Georgia appear to be running high lately." According to The Shadowserver Foundation, a security watchdog group, the site (www.president.gov.ge) began coming under attack very early Saturday morning (Georgian time). more»

Many Systems Open to Attack Through Channels Enabled to Support IPv6 Traffic

It may be years before the new internet protocol IPv6 takes over from the current IPv4, but a security researcher is warning that many systems -- corporate and personal -- are already open to attack through channels that have been enabled on their machines to support IPv6 traffic, according to the Wired report by Kim Zetter. Joe Klein, a security researcher with Command Information, says many organizations and home users have IPv6 enabled on their systems by default but don't know it. They also don't have protection in place to block malicious traffic, since some intrusion detection systems and firewalls aren't set up to monitor IPv6 traffic, presenting an appealing vector through which outsiders can attack their networks undetected. more»

European Researchers Introduce Live BitTorrent Streaming, Aim to Replace Traditional Broadcasting

European researchers have launched a beta version of a peer-to-peer streaming video service that is intended to eventually replace traditional broadcasts. This is the latest development from the P2P-Next project which has announced its trial program for streaming live video in true 4th generation P2P system using a zero-server approach. more»

Switzerland Leapfrogged Hong Kong as the Most Spammed Country, Says Recent Study

According to the most recent MessageLabs Intelligence monthly report, Switzerland has become the most spanned nation. From the report: "In June, Switzerland leapfrogged Hong Kong as the most spammed country with levels reaching 84.8% of all email. Many countries received a slight decrease in spam levels, with a few increases elsewhere, for example, spam in UAE rose by 7.4%, the highest increase this month. Spam levels in the US reached 68.8% in June, 77.8% in Canada and 74.3% in the UK. Germany's spam rate reached 73.5% and 73.2% in the Netherlands. Spam levels in Australia were 66.9%, 76.6% in China and 70.7% in Japan." more»

Obama Says Cybersecurity Would Be Top Priority in His Administration

Sen. Barack Obama, the U.S. presidential candidate outlined in a speech yesterday, what he envisioned for a cyber-security infrastructure that would protect the nation's computer networks and strengthen science and computer education programs. "I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber adviser who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information -- from the networks that power the federal government, to the networks that you use in your personal lives." more»

Open Registration of Top-Level Domain .Me Turns into Crisis

The .Me Top-Level Domain (TLD) Registry officially opened today for everyone on a first-come, first-served basis at 15:00UTC July 17, 2008. In follow up to the launch of this TLD, companies, organizations and members of the public where told that they can get a "Web presence that is truly personal, and have their new Web site working within minutes!" But apparently the process hasn't gone as smoothly as planedmore»

Romanian Authorities Arrest Over 20 Cybercrime Suspects

Authorities have arrested more than 20 people in Romania who are suspected of running online fraud schemes, according to media reports. The Tuesday arrests were confirmed by the U.S. Federal Bureau of Investigation (FBI), which has been working with Romanian officials on cybercrime in recent months. The FBI would say only that the agency is aware of the arrests and because "this is an ongoing matter, we will have no further comment at this time." The losses caused by the cybercrime ring is estimated to reach millions of euros. more»

Soloway Court Case Reveals the Sophisticated World of Online Fraud

Testimony received during the sentencing hearing for notorious spammer Robert Alan Soloway has offered an inside look at the big business of online fraud. Although anti-spam efforts implemented by ISPs have deterred many small-time spammers, sophisticated players remain active and they have developed tools to make their efforts easier. From the stand on Monday, investigators revealed some of the techniques that Soloway allegedly used to send out massive amounts of email. After the government seized Soloway's computer servers, investigators found files with as many as 10 million email addresses on each server along with Dark Mailer software on each server. more»

Latest News

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days

Sponsored Topics

Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias
Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services
Port25

Email

Sponsored by
Port25