Cybercrime

Cybercrime / Featured Blogs

A Cynic's View of 2015 Security Predictions - Part 4

Lastly, and certainly not the least, part four of my security predictions takes a deeper dive into mobile threats and what companies and consumer can do to protect themselves. If there is one particular threat category that has been repeatedly singled out for the next great wave of threats, it has to be the mobile platform -- in particular, smartphones... The general consensus of prediction was that we're (once again) on the cusp of a pandemic threat. more»

Mega Hacks and the Employees That Lost

When a business gets hacked and its corporate information is dumped on the Internet for all and sundry to see (albeit illegally), the effects of that breach are obviously devastating for all concerned. In many ways it's like the day after a fierce storm has driven a super-cargo container ship aground and beachcombers from far and wide have descended upon the ruptured carcass of metal to cart away anything they think has value or can be sold by the side of road. more»

If It Doesn't Exist, It Can't Be Abused

A number of outlets have reported that the U.S. Post Service was hacked, apparently by the Chinese government. The big question, of course, is why. It probably isn't for ordinary criminal reasons: The intrusion was carried out by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud," USPS spokesman David Partenheimer said. ... But no customer credit card information from post offices or online purchases at usps.com was breached, they said. more»

Stopping Illegal Activity Online - It's More Complicated Than It Seems

There was a compelling article in the Wall Street Journal (WSJ) the other day about ICANN and illegal online pharmacies. The result of a six-month investigation, the reporter, Jeff Elder, calls into question ICANN's effectiveness in investigating complaints of suspected illegal activity on domain names it has a contractual relationship with. Elder cites a recent incident where Interpol and the U.S. Food and Drug Administration tried to have 1,300 websites shut down because they were suspected of selling drugs without a prescription. more»

.trust Technical Policy Launch

Whenever I examine the technical elements of the various Internet security certifications and standards that organisations are clamouring to achieve compliance against, I can't help but feel that in too many cases those businesses are prioritising the wrong things and wasting valuable resources. They may as well be following a WWI field guide on how to keep cavalry horses nourished and bayonets polished in a world of stealth aircraft and dirty bombs. more»

Where Is Cyberspace?

In my first CircleID post, I compared the cyberspace to a farmland, which has to be cultivated and developed. I ended by asking: Where is cyberspace? I have asked this same question from many people, many of whom are internet experts. They all said the cyberspace is in the computers, networks, or servers, or the Internet itself. I agree with these cyberspace ideas. In addition, my opinion is a bit different. more»

Cigarette Smuggling and Cyber Security: Low-Tech Crimes Fund High-Tech Threats

You may not connect the cheap cigarettes sold under the counter (or out of a trunk, bodega or by a street vendor) with the mysterious charges on your credit card that you don't remember making or the cash that has, somehow, just disappeared from your bank account. You also may not connect that website selling cheap cigarettes made in second and third world countries with Shellshock or whatever the fashionably scary cyber-threat of the day is when you're reading this. more»

Call for Nominations: M3AAWG J. D. Falk Award Seeks Stewards of a Better Online World

Anyone seeking to honor a groundbreaking contribution toward a better online world should submit a nomination for the 2014 M3AAWG J. D. Falk Award. Presented to people whose work on specific projects made the Internet a safer, more collaborative, more inclusive place, the J. D. Falk Award has recognized leaders and pioneers who saw elements of the online experience that needed improvement and took action to fix them.  more»

Senate Judiciary Committee Hearing on Botnet Takedowns (July 15, 2014)

The background is of course quite interesting, given how soon it has followed Microsoft's seizure of several domains belonging to Dynamic DNS provider no-ip.com for alleged complicity in hosting trojan RAT gangs, a couple of days after which the domains were subsequently returned -- without public comment -- to Vitalwerks, the operator of No-IP. This is by no means a new tactic for Microsoft, who has carried out successful seizures of various domains over the past two or three years. more»

UDRP Failure Endangers Consumers

Yesterday I participated in a panel at the International Consumer Product Safety Conference sponsored by the International Consumer Product Health and Safety Organization (ICPHSO) held at the European Commission in Brussels Belgium. This conference brings together the global community of product safety engineers, manufacturers, retailers, regulators, inspectors, and counterfeiting investigators. The role of online fraud and illicit product traffic is clearly one of the conference priorities. more»