IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more
Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more
We have just issued a new report detailing abuse of the Domain Name System and Registrar contract compliance issues. The report specifically discusses several items including: Registrars with current legal issues; Illicit Use of Privacy-Proxy WHOIS Registration; A study on the contracted obligation for Bulk WHOIS Access; and more. more
In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to the Cisco® 2010 Annual Security Report, released today. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in "money muling," and that users continue to fall prey to myriad forms of trust exploitation. more
The past couple of weeks have been pretty seminal for anyone concerned about the state of Internet security and the bigger picture as to how much we could - do - and should - trust the Web. These two strange words - WikiLeaks and Stuxnet - have suddenly entered our lexicon and there is a lot to be concerned about in the world of smart grid. more
The European Commission is apparently considering the promulgation and adoption of a directive that would, at least in part, criminalize botnets. As I understand it, the premise behind adopting such a directive is that since botnets are capable of inflicting "harm" on a large scale, we need to separately criminalize them. I decided to examine the need for and utility of such legislation in this post. more
McAfee, Inc. today unveiled its McAfee Threats Report: Third Quarter 2010, which uncovered that average daily malware growth has reached its highest levels, with an average of 60,000 new pieces of malware identified per day, almost quadrupling since 2007. At the same time, spam levels decreased in volume this quarter, both globally and in local geographies. Spam hit a two year low this quarter while malware continued to soar. More than 14 million unique pieces of malware were identified in 2010, one million more than Q3 2009. more
What is so secret about the word, "Capacity"? As I read and talk with people I realize the word, "capacity" is typically missing from the DNS discussion. "Capacity" and "Security" are the two cornerstones to maximizing DNS resilience; both of which are typically missing from the DNS discussion. Have you seen a single DNS node easily process over 863,000 queries per second? Have you seen a network routinely handle over 50Gbits/second in outbound traffic alone without breaking a sweat? more
Craig Labovitz of Arbor Networks reports: "Back in 2007, the Myanmar government reportedly severed all Myanmar Internet connectivity in a crackdown over growing political unrest. Yesterday, Myanmar once again fell of the Internet. Over the course of the past several days, Myanmar's main Internet provider, the Ministry of Post and Telecommunication (or PTT for short), suffered a large, sustained DDoS attack disrupting most network traffic in and out of the country." more
Spam and virus trends in Q3'10 confirm that spammers are still hard at work distributing malicious content in new and creative ways, according to the latest reports. The latest spam and virus trends report is produced by Postini, Google's email security and archiving service that, according to the company, processes more than 3 billion email messages per day and more than 50,000 businesses. more
The U.S. became the top attack traffic source in the second quarter of 2010, accounting for 11% of observed attack traffic in total, reports Akamai in its State of the Internet Report released today. According to the report, China and Russia held the second and third place spots, accounting for just over 20% of observed attack traffic. Attack traffic from known mobile networks has been reported to be significantly more concentrated than overall observed attack traffic, with half of the observed mobile attacks coming from just three countries: Italy (25%), Brazil (18%) and Chile (7.5%). more
According to recent news reports, the administration wants new laws to require that all communications systems contain "back doors" in their cryptosystems, ways for law enforcement and intelligence agencies to be able to read messages even though they're encrypted. By chance, there have also been articles on the Stuxnet computer worm, a very sophisticated piece of malware that many people are attributing to an arm of some government. The latter story shows why cryptographic back doors, known generically as "key escrow", are a bad idea. more
In his keynote yesterday at the RSA Security Conference, former U.S. top chief counter-terrorism adviser, Richard A. Clarke, said cyberwar defence efforts need to focus on re-architecting networks not buying more technology. more
A recent study released today suggests 53 percent of critical infrastructure providers have experienced what they perceived as politically motivated cyber attacks. According to Symantec's 2010 Critical Information Infrastructure Protection (CIP) Survey, participants claimed to have experienced such an attack on an average of 10 times in the past five years, incurring an average cost of $850,000 during a period of five years to their businesses. more
A World-Renowned Source for Internet Developments. Serving Since 2002.