Cybercrime

Blogs

Greater Caribbean Cooperation Needed to Combat Cyber Crimes

The Caribbean is under virtual siege as incidents of cyber attacks and cyber crimes surge across the region. "The sophisticated use of technology by highly incentivised criminal organisations has created unprecedented opportunities for transnational crime elements that no one region, country or entity can fight on its own. More inter-regional cooperation and collaboration are needed to develop and implement smart and integrated approaches to fight new and emerging cyber threats." more

Domain Related Crime: The 4 Steps of Effective Investigations

There is no rest for the wicked. If you think that 2018 was the climax of cybercrime, wait until you see what happens in the next few years as cybercriminals are constantly learning new ways to strike. Take for instance domain-related attacks now coming in a variety of forms. There's domain hijacking which involves gaining of access to domains and making changes without owners' permission. You have typosquatting where phishing is often utilized to steal valuable information. more

A Case for Regulating Social Media Platforms

There are some who see the regulation of social media platforms as an attack on the open internet and free speech and argue that the way to protect that is to let those platforms continue to self-regulate. While it is true that the open internet is the product of the same freedom to innovate that the platforms have sprung from, it is equally the product of the cooperative, multi-stakeholder organisations where common policy and norms are agreed. more

Investigating Domain Name Crime: Challenges and Essential Techniques

Who would think that so much could go wrong with something as seemingly innocent as a domain name? As cybercrime continues to evolve, causing devastating reputational and financial losses to businesses and organizations, web addresses are used as a weapon -- and it's not always easy to notice their many faces. In this article, let's take a look at the domain name crime landscape, discuss the current challenges investigators and legitimate registrants face, and talk about some useful techniques. more

Putting Cyber Threats Into Perspective

As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world. more

Building a Secure Global Network

Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more

CircleID's Top 10 Posts of 2018

It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more

Internet Economics

One year ago, in late 2017, much of the policy debate in the telecommunications sector was raised to a fever pitch over the vexed on-again off-again question of Net Neutrality in the United States. It seemed as it the process of determination of national communications policy had become a spectator sport, replete with commentators who lauded our champions and demonized their opponents. more

DK Hostmaster Wins Award for Transparency and Trust Online

The nonprofit Alliance for Safe Online Pharmacies (ASOP Global) presented its annual Internet Pharmacy Safety E-Commerce Leadership Award to .DK Hostmaster at the 2018 ICANN63 today in Barcelona, Spain. The domain name administrator for Denmark, DK Hostmaster, was selected for the award based on their commitment to ensuring citizen safety by maintaining transparent WHOIS data, proactively enforcing identity accuracy policies to increase consumer trust and safety online. more

Continued Threats from Malware

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

Traceability

At a recent workshop on cybersecurity at Ditchley House sponsored by the Ditchley Foundation in the U.K., a primary topic of consideration was how to preserve the freedom and openness of the Internet while protecting against the harmful behaviors that have emerged in this global medium. That this is a significant challenge cannot be overstated... That these harmful behaviors can and do cross international boundaries only makes it more difficult to fashion effective responses. more

Trump's Tweets Flouting the Cybercrime Treaty Curbs on Racist and Xenophobic Incitement

The existence of the 2001 Cybercrime Convention is generally well known. The treaty has now been ratified/acceded to by 60 countries worldwide, including the United States. Less well known is the existence of the Additional Protocol to the Convention "concerning the criminalization of acts of a racist and xenophobic nature committed through computer systems." more

A Trebuchet Defence in the Age of the Augmented Reality Cyberwarrior

I've been ruminating on this for a while, this follow-up that was a decade in the offing. My article Trench Warfare in the Age of The Laser-Guided Missile from January 2007 did pretty good in terms of views since I wrote it. Less so in terms of how well the ideas aged or didn't, but that's the nature of the beast. Everything gets worse, and simultaneously, better, and so here we are: Using embarrassingly ancient approaches to next-generation threats. Plus ça change. more

GDPR PII Time-Bomb? Kill it With Fire!

Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more

Why Are the EU Data Protection Authorities Taking Away Our Fundamental Right to be Safe?

What if we created a rule that gave everyone - good or bad - the right to hide their license plate, where they live, who they are, and just go incognito? What if we made it a right to walk into any building in the world, and simply say "No, thank you" when the security guards asked for one's identification? The criminals would celebrate, and we'd all be utterly alarmed. We would immediately be afraid for our personal safety. more

News Briefs

Baltimore Gets Hacked: Main Computer Systems Crippled, Experts Estimate Months to Recover

Hackers in Possession of Over 312K Files, 516GB Financial Data of Some of World's Largest Companies

Hacker Has Released Close to a Billion User Records Over the Past Two Months, Reports ZDNet

FBI, Department of Homeland Security Issue Warning About a North Korean Trojan Malware Variant

Russia Is Studying China's Legislative Experience in Fighting Internet Corruption, Cyber-Terrorism

Cryptominers Infected 10x More Organizations Than Ransomware in 2018

Volunteer-Based Project Succeeds in Taking Down 100,000 Malware Distribution Sites Within 10 Months

McAfee Labs 2018 Report Reveals 480 New Threats Per Minute, Sharp Increase in IoT-Focused Malware

Criminals Using New Phishing Techniques to Hide from Victims and Investigators, Reports APWG

Hackers Behind Marriott Breach Left Clues Suggesting Link to Chinese Government

Strange Email Used to Inform Marriott Customers About the Massive Data Breach

NTIA Releases Cybersecurity Road Map for "Building a More Resilient Internet"

Neglected Domain Renewals Increasingly Scooped Up by Crooks for Credit Card Stealing Purposes

Weekend Cyberattack on Pakistani bank reported to be a Historic $6 Million Loss, Bank Denies Claim

US Copyright Office Expands Security Researchers' Ability to Hack Without Going to Jail

Easy Access to ICANN, IP Address Data Beats Info on Encrypted Data, Says Telstra Cybersecurity Head

Frequency of DDoS Attacks Risen by 40% While Duration of Attacks Decrease

EU Authorities to Give Internet Companies 1 Hour to Take Down Extremist Content or Face Hefty Fines

British Airways Issues Apology for Cyberattack Affecting Hundreds of Thousands of Customers

Anti-Phishing Working Group Proposes Use of Secure Hashing to Address GDPR-Whois Debacle

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Industry Updates

Participants – Random Selection