Cybercrime

Cybercrime / Most Viewed

Duqu Reported as Precursor to a Future Stuxnet-Like Attack

Virus researchers at Symantec Corp. have revealed a variant of the Stuxnet worm, named Duqu, that is found to be stealing information about industrial control systems. Symantec reports: "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility... Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose." more»

Obama Says Cybersecurity Would Be Top Priority in His Administration

Sen. Barack Obama, the U.S. presidential candidate outlined in a speech yesterday, what he envisioned for a cyber-security infrastructure that would protect the nation's computer networks and strengthen science and computer education programs. "I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber adviser who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information -- from the networks that power the federal government, to the networks that you use in your personal lives." more»

CADNA Held London Online Brand Abuses and Internet Governance Education Forum

The Coalition Against Domain Name Abuse (CADNA) recently held its London Online Brand Abuses and Internet Governance Education Forum. The forum included companies from the US, UK, Belgium, Netherlands and Switzerland, with half of the attendees representing Global 500 companies. Forum attendees expressed concerns over issues such as online brand dilution and the often-ineffective governance of ICANN. more»

ACMA: 30,000 PC's Infected in Australia Per Day

Anti-spam and malware enforcement agency ACMA reports on this (shocking high?) figure. Keep this up and ca. 50% of the Australian population is infected within a year. I remember a presentation from Sweden only a few years ago, that there were only a little over a thousand infected pc's in Sweden. (Reactions were: that can't be correct. Too low) Do you know what the numbers are for your country and maybe more importantly what your government and/or Industry is/are doing about it? more»

EU Launches First European Public-Private Partnership on Cybersecurity, Plans $2B Investment

The European Commission has launched a new public-private partnership on cybersecurity expected to trigger €1.8 billion ($2B) of investment by 2020. more»

Universities Spending $80K to Over $100K Per Year on Policing P2P Activities

As a result of the new P2P filesharing mandates signed into U.S. law this past summer, the country's 4400 colleges and universities are required to address issues of illegal P2P filesharing -- particularly music and movies. For instance, colleges and universities are "required to consider the use of technology-based deterrents" in developing plans to counter illegal P2P activity, such as traffic monitoring and bandwidth shaping. A new study by the Campus Computing Project reports the results of a summer 2008 survey aimed at addressing the campus costs of compliance with the new P2P filesharing mandates. more»

Botnets Now Number One Threat to ISP Backbones

Increasingly-intense distributed denial-of-service (DDOS) attacks on ISP backbones are surpassing providers' capacity and knocking customers offline, according to a new survey of service providers by Arbor Networks. While most large ISPs have upgraded their backbones to 10-Gbit/s speeds over the past two years, three respondents said they have experienced sustained attacks from 20- to 22 Gbit/s, and one hosting services provider in the survey reported a 24-Gbit/s DNS-targeted attack. The most powerful sustained attack previously was 17 Gbit/s, which was reported in last year's survey by Arbor. more»

Researchers Demonstrate How to Launch Undetectable Phishing Attacks

With the help of about 200 Sony Playstations, an international team of security researchers have devised a way to undermine the algorithms used to protect secure Web sites and launch a nearly undetectable phishing attack. To do this, they've exploited a bug in the digital certificates used by Web sites to prove that they are who they claim to be. By taking advantage of known flaws in the MD5 hashing algorithm used to create some of these certificates, the researchers were able to hack Verisign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet. more»

Mass Hacker Attack Reported on 40,000 Legitimate Websites

Hackers have compromised about 40,000 legitimate Websites, infecting them with malicious JavaScript that ultimately redirects users to a malicious site, says Websense. Security researchers at Websense say the tactics are reminiscent of the notorious RBN group. Although Websense would not name any of the compromised sites, researchers said the victims did not include any "big-name government or business sites." The compromised sites are redirecting users to typo-squatted misspellings of legitimate Google Analytics domains... more»

Verizon Tops US ISPs for Spam Abuse, Plans Prevention and Shift to Port 587

Brian Krebs of Washington Post reporting: "Verizon.net is home to more than twice as many spam-spewing zombies as any other major Internet service provider in the United States, according to an analysis of the most recent data from anti-spam outfit Spamhaus.org. Verizon, however, says it plans to put measures in place to prevent it from being used as a home to so many spammers. ... If spammers are attracted to the company's network, it may be because Verizon still allows customers to send e-mail on Port 25, the communications channel that is traditionally used by large organizations to send e-mail." more»

Nitro Attacks Target the Chemical Industry

New security report has revealed at least 48 companies involved in research, development, manufacturing of chemicals and advanced materials have been victims of a coordinated cyberattack traced to a source in China. The purpose of the attacks, code named Nitro, appear to be industrial espionage, collecting intellectual property for competitive advantage, according to Symantec. more»

IT Security Guide: "Financial Impact of Cyber Risk" Released by ANSI and ISA

The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released today a new action guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack. In 2004, the Congressional Research Service estimated the annual economic impact of cyber attacks on businesses -- which can come from internal networks, the Internet or other private or public systems -- to be more than $226 billion. In 2008, U.S. Department of Homeland Security Secretary Michael Chertoff named cyber risks one of the nation's top four priority security issues. more»

Vint Cerf on Internet's Key Infrastructure

BBC News is running Vint Cerf's personal view on the Internet's future. From the article: "Improving the resilience and resistance to attack of key infrastructure such as the Domain Name System (the phone book of the internet) and the routing system will be major focal points for near-term internet development. Introducing DNSSEC (security for the Domain Name System) and the digital signing of address space by the Regional Internet Registries will assume much higher priority..." more»

Ransomware Crime Bill Goes into Effect in the State of California

As of January 1, the delivery of ransomware is illegal in California as per Senate Bill 1137 going into effect. more»

Malaysia Wants to Handle Internet Related Crimes via 'Cyber Court'

Malaysia is considering establishing a "cyber court" to deal with the increasing number of crimes related to the Internet and blogging, a report said Tuesday. Communications Minister Shaziman Abu Mansor said more than 30 Internet-linked cases had been submitted to the country's attorney general in the past three years. "If in future if we cannot cope any more due to too many cases, we may need to have a cyber court," he said, according to the official news agency Bernama. more»