Cyberattack

Most current real-world computer security efforts focus on external threats, and generally treat the computer system itself as a trusted system. Some knowledgeable observers consider this to be a disastrous mistake, and point out that this distinction is the cause of much of the insecurity of current computer systems – once an attacker has subverted one part of a system without fine-grained security, he or she usually has access to most or all of the features of that system. Because computer systems can be very complex, and cannot be guaranteed to be free of defects, this security stance tends to produce insecure systems. There are many similarities (yet many fundamental differences) between computer and physical security. Just like real-world security, the motivations for breaches of computer security vary between attackers, sometimes called hackers or crackers. Some are teenage thrill-seekers or vandals (the kind often responsible for defacing websites); similarly, some website defacements are done to make political statements. However, some attackers are highly skilled and motivated with the goal of compromising computers for financial gain or espionage. Read the full background at Cyberattack Wikipedia

Cyberattack / News Briefs

Domain Registrars Releasing Suspended Domains to Attackers

Mary Landesman of ScanSafe reports: "A new outbreak of SQL attacks began on the 8th. Not that they ever really go away, but new waves replace the old ones. The attackers are using a much larger number of domains than seen in previous months. Just 11 days into June, and already 54 of these domains have been observed. Many of these are previously suspended domains that registrars have released back to the attackers."

Comcast Domain Name Hacked, Website Breached for Several Hours

Shortly before 11 p.m. EDT yesterday, Comcast users began noticing that Comcast.net had been hacked. More technically, early indications are that someone hacked Comcast's registrar account at Network Solutions, changing the authoritative DNS servers for Comcast.net -- rerouting portal visitors to IP addresses in Germany or elsewhere. The front page of Comcast.net was replaced with a note saying the hackers had "RoXed" Comcast, according to postings at BroadbandReports.com.

DNS Troubles at the U.S. National Security Agency

DNS server problems at the U.S. National Security Agency have knocked the secretive intelligence agency site offline for several hours. Reports suggest various possible reasons including an internal routing problem of some sort on their side or errors in firewall or ACL [access control list] policy. Other possibilities are speculated to be a technical glitch or a hacking incident. The NSA is responsible for analysis of foreign communications, but it is also charged with helping protect the U.S. government against cyber attacks -- the outage is an embarrassment for the agency.

CEOs Advised to Wake Up to Cyberthreats

Paul Twomey, chief executive of ICANN and member of the British-North American Committee, advises chief executives of the risks to business from cyber-espionage and how to deal with them... "There are reports of cyber-espionage against the US defense industry and the UK by China," said Twomey on Wednesday.

NATO Nations Sign Agreement on Cyber Defense Center

Seven NATO nations gave their backing on Wednesday to a new cyber defense centre in Estonia, the ex-Soviet state which last year faced weeks of attacks on its Internet structure after a row with Russia. Germany, Italy, Latvia, Lithuania, Slovakia and Spain agreed to help fund and staff the centre in the Estonian capital Tallinn. The United States will initially send an observer to the project, aimed at boosting defenses against such attacks.

Report Shows Substantial Rise in Phishing Attacks in 2008

According to a recent security report, the number of phishing attacks on financial services customers has increased dramatically this year, with fraudsters focusing on three banks whose customers they have judged to be particularly vulnerable. Just as phishing seemed to have slipped off the consumer radar, online fraudsters have leapt on the chance to capitalize on this false sense of security and have increased their phishing activity...

Escalating Attacks on U.S. Military Networks Linked to China

Numerous hacks from the Far East sure look like concerted attacks against U.S. military installations, but nobody's saying for sure... A Wall Street Journal article March 12 described how military networks are increasingly the targets of hackers. The targets are not limited to actual Department of Defense networks, but can also include defense industries and think tanks.

Cyberattack Causes Power Blackout in Multiple Cities

A cyberattack has caused a power blackout in multiple cities outside the United States, the CIA has warned. The SANS Institute, a computer-security training body, reported the CIA's disclosure on Friday. CIA senior analyst Tom Donahue told a SANS Institute conference on Wednesday in New Orleans that the CIA had evidence of successful cyberattacks against critical national infrastructures outside the United States.

Google Blocking 1 Billion Messages a Day; Calls 2007 Spam and Virus Attacks Worst in History

With Google's recent Postini addition, it now reports that it is processing email for more than 35,000 businesses and 12 million end users, and blocking around 1 billion messages per day... "We saw a peak of activity in October 2007 where volume was a 263 percent increase from September 2006 and Postini blocked 47 billion spam messages, more than 320 Terabytes of spam (now that's a lot of spam). The average unprotected email user would have received 32,000 spam messages in their in-boxes so far this year. Talk about lost productivity. In fact, Nucleus research estimates unchecked spam can cost a company up to $742 per user."

68,000 Open Recursive DNS Servers Behaving Maliciously; "This is a crime with few witnesses"

Reported today: "Researchers at Google Inc. and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet." The Georgia Tech and Google researchers estimate that as many as 0.4%, or 68,000, open-recursive DNS servers are behaving maliciously, returning false answers to DNS queries. Unlike other DNS servers, open-recursive systems will answer all DNS lookup requests from any computer on the Internet, a feature that makes them particularly useful for hackers. They also estimate that another 2% of them provide questionable results.

Hackers Spreading Malicious Code Using Typosquatted Domains

Finjan Inc., a web security company, has released reports today on hackers and cyber-criminals using typosquatted domain names to infect visitors to legitimate websites and increase the lifecycle of cyber-attacks. Leveraging the similarity to legitimate and frequently used domain names is successfully enabling these attackers to go unnoticed by webmasters and security solution providers.

Botnets Now Number One Threat to ISP Backbones

Increasingly intense distributed denial-of-service (DDoS) attacks on ISP backbones are surpassing providers' capacity and knocking customers offline, according to a new survey of service providers by Arbor Networks. While most large ISPs have upgraded their backbones to 10-Gbit/s speeds over the past two years, three respondents said they have experienced sustained attacks from 20 to 22 Gbit/s, and one hosting services provider in the survey reported a 24-Gbit/s DNS-targeted attack. The most powerful sustained attack previously was 17 Gbit/s, which was reported in last year's survey by Arbor.

Vint Cerf on Internet's Key Infrastructure

BBC News is running Vint Cerf's personal view on the Internet's future. From the article: "Improving the resilience and resistance to attack of key infrastructure such as the Domain Name System (the phone book of the internet) and the routing system will be major focal points for near-term internet development. Introducing DNSSEC (security for the Domain Name System) and the digital signing of address space by the Regional Internet Registries will assume much higher priority..."

Cyberattacks on Estonia Further Explored

The distributed denial of service (DDoS) attack that brought down most of Estonia's internet infrastructure a few months ago has been explored by Joshua Davis in a recent story in Wired magazine. "In the coming months, commentators around the world would look back at this moment and debate its significance. But for Aaviksoo, the meaning was clear. This was not the first botnet strike ever, nor was it the largest. But never before had an entire country been targeted on almost every digital front all at once, and never before had a government itself fought back..."

DNS Attack: 10-Year-Old Security Problem Is Back Haunting Corporate IT

At the Black Hat conference, security researcher Dan Kaminsky showed how problems in the way browser software works with the Internet's Domain Name System (DNS) could be exploited to give attackers access to any resources behind the corporate firewall. The key problem is the way web browsers determine how to trust other computers, says Kaminsky. This decision is based on the Internet domain name of the computer, and that DNS information can be misused...

Industry Updates

Hostway Upgrades Managed Firewall Selection and Offers 10% Off as well as Free Setup

Hostway has launched a new line of managed Cisco ASA 5500 firewall solutions for dedicated servers. Customers ordering before June 30, 2008 save 10% off the monthly fee for life, plus free setup.