Cyberattack

Cyberattack / News Briefs

Attack Seriously Slows Two Internet Root Servers

Online attackers have briefly disrupted service on at least two of the 13 "root" servers that are used to direct traffic on the Internet.

The attack, which began Tuesday at about 5:30 a.m. Eastern time, was the most significant attack against the root servers since an October 2002 distributed denial of service (DDOS) attack, said Ben Petro, senior vice president of services with Internet service provider Neustar Inc. more

Phishing Attacks Surpass Viruses and Trojans

Phishing attacks have outnumbered emails infected with viruses and Trojan horse programs for the first time, according to security experts.

...The difference in the ratio of phishing to virus attacks is partly due to virus attacks becoming more targeted and no longer occurring as one large outbreak. This includes the recent Storm Worm and Warezov attacks, according to MessageLabs. more

Legal Attack on ARIN Dismissed in Court

The American Registry for Internet Numbers (ARIN) has announced [PDF] that it has prevailed in a lawsuit that challenged ARIN's ability to allocate Internet Protocol (IP) number resources fairly. The lawsuit was brought by an individual - Gary Kremen - who sought to have a netblock of IP addresses transferred to him without agreeing to ARIN's standard terms and conditions.

"Today's victory is significant for consumers who rely on the Internet to operate efficiently and effectively," said ARIN President and CEO Raymond Plzak. more

Security Experts Warn VoIP Attacks May Be Just Around the Corner

It's become a familiar pattern in online security. A groundbreaking way to communicate emerges, spreads like wildfire, and then hackers find a way to use it to their advantage. Security companies react--but not before the problem has succeeded in wreaking havoc. It happened with e-mail and is happening now with instant messaging and mobile devices.

The next area that could be targeted: Voice over Internet Protocol, or VoIP, which lets people make low-priced phone calls using the same technology that delivers e-mail. And the results could be just as damaging, if not worse, than with other technologies, some security experts warn.  more

DNS Hackers Target Domain Registrars

Hackers have launched distributed denial of service attacks against the Domain Name System (DNS) servers of a brace of domain name registrars over recent days. The motive for the separate attacks against VeriSign and Joker.com remains unclear.

VeriSign said the attack on its name servers caused a "brief degradation" in the quality of its service to customers for around 25 minutes on Tuesday afternoon, ComputerWorld reports. Domain registrar Joker.com is recovering from an attack on its name servers last week that lasted for six days up until last Sunday. Joker.com, which is based in Germany, handles the registration of approximately 550,000 domains. more

DNS Servers Do Hackers' Dirty Work

"DNS is now a major vector for DDOS," Dan Kaminsky, a security researcher said, referring to distributed denial-of-service attacks. "The bar has been lowered. People with fewer resources can now launch potentially crippling attacks."

Just as in any DDOS attack, the target system -- which could be a victim's Web server, name server or mail server -- is inundated with a multitude of data coming from multiple systems on the Internet. The goal is to make the target unreachable online by flooding the data connection or by crashing it as it tries to handle the incoming data.  more

Phishing Attacks Evolved Steadily Throughout 2005 Security

Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community. Here are some of the phishing trends and innovations we noted in 2005...

Open redirects became a favorite method for phishing attacks to "borrow" the URL and credibility of a trusted web site. Redirects are common on large web sites, where server side scripts are employed to redirect users to different parts of the site. more

Industry Updates

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

The Orvis.com Data Leak: A Short Investigation Using WHOIS Information

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

InterMed Breach: How Threat Intelligence Sources Help Maintain Domain Integrity

BriansClub & PoS Malware Attacks: How Threat Intelligence Solutions Help Prevent Payment Card Theft

Alleviating the Constant Clash Between DevSecOps and DevOps Teams

Cloud and IaaS DLP Woes: Is Additional Threat Intelligence a Solution?

Carpet-Bombing Attacks: A Rising Threat to ISPs

How Threat Intelligence Prevents Nameserver Takeovers and Their Far-Reaching Damage

Can Domain Blacklisting Be Avoided?

How to Stay Safe Against DNS-Based Attacks

Unraveling Unsolved Mysteries with Threat Intelligence

IP Geolocation: Improving Data Loss Prevention in Virtual Environments through Geofencing

Is Blocking via IP Geolocation the Answer to Preventing DDoS Attacks?

Common Threats That Can Be Overcome by Email Verification