Cybercrime

Cybercrime / Most Viewed

Experienced a Breach? Here Are Four Tips for Incident Response

The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries. The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks. more

Report on Possibly the Largest Data Breach Ever

Amidst all the recent reports of data breaches, Gunter Ollmann of IBM Internet Security Systems, has reported today about one particular case which may be the largest data breach to date. Ollmann wirtes: "The media has been full of analysis concerning data breaches over the last couple of weeks, mostly related to the uptick in 2008 reports. While much of this increase can be accounted for by the wider adoption of state legislation that mandates companies to publicly disclose their data breaches, I think it is worth pointing out today's latest disclosure -- which is quite probably the largest breach ever." more

Tackling Cyber Security: Should We Trust the Libertarians? Part 2

A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more

Final Day to Give Input on "Future of the Internet" Survey

Today, June 26, is the final day that you can help the Internet Society with its "Future of the Internet" survey. It takes about 20-25 minutes and will help my colleagues at the Internet Society develop a number of scenarios about the possible future of the Internet. These scenarios can help all of us in talking to policy makers, leaders, media and the general user population about the choices we have before us for the future of the Internet. more

Fraudsters Using Bogus and Legitimate Recruitment Sites to Con Job-Hunters Into Laundering Money

Reported today on BBC: "Police chiefs are urging people looking for work during the recession to be alert to online scams that trick them into laundering money. The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit 'money mules'. The 'mules are ordinary people who send and receive payments through their bank accounts to facilitate business." Neil Schwartzman has also informed us of a related report by RSA FraudAction Research Lab based on several months of tracking various reshipping scams engineered by online fraudsters. more

Microsoft Files New Cybersquatting Lawsuit

A Florida company has been charged with cybersquatting in a new lawsuit filed Wednesday. Twenty three domain names have been listed in the suit containing Microsoft's trademarks or misspellings of the names. The domain names which are registered to an entity called Domain Investments, include windoesmobile.com, wwwhotmajl.com, microsoft-games.com and zunedrivers.com. Many of the websites under the domains listed include advertising for various products and services. The suit is one of several typosquatting and cybersquatting suits filed by Microsoft. more

Security, Privacy Issues and USB Drives

In an article on CSO.com.au a report from Sophos Australia is reported on. The anti-virus software company had bought 50 usb drives for analyses at a public transport auction of devices left on the Sydney trains. When they wrote that 66% was infected with malware, I presumed that they were left behind consciously, but were they? more

Linking Internet Companies Caught Supporting Criminal Activities

Main Internet data carriers have stopped providing connectivity to Atrivo, an ISP notorious for serving a large number of scammers and spammers. Reporting on Washington Post's Security Fix, Brian Krebs uncovers thousands of domain names linked to spam and illegal activities that are registered through EstDomains, Atrivo's "most important customer". EstDomains is a reseller of Directi's registration services -- the ICANN accredited domain registration company which has also been under scrutiny as a result. more

NJ Content Liability Law Ruled Inconsistent with Sec. 230 (just like in Washington and Tennesse)

Back in a time before most members of Congress or prosecutors knew that there was an Internet, there was Prodigy. Prodigy, as part of its service, ran family-friendly chat rooms that it moderated in an effort to keep kids protected from unfortunate content. In a different Prodigy chat room, some unknown third party said something apparently bad about an investment firm Stratton-Oakmont. Stratton-Oakmont didn't like that very much, and sued. more

UK Reveals New Cyber Security Strategy, Aims to Make UK Safest in the World

With the new strategy, the government is aiming to make the UK one of the safest places in the world to do business, as well as tackling cybercrime and cyber-espionage in general, according to Maude. The document, the release of which has been delayed twice, replaces a two-year-old strategy and allocates £650m in funding to set up a National Cyber Security Programme. more

Domain Name Security Gains Prominence in German-Speaking World

The 2010 Domain Pulse, hosted by SWITCH (the .CH registry) was held in the snowy Swiss city of Luzern. Domain Name Security (DNS) was of particular importance in this year's meeting with DNSSEC being implemented in the root zone in 2010 by ICANN, and by many registries in the next few years. ICANN plan to have all root servers signed with DNSSEC by mid-2010 Kim Davies, Manager, Root Zone Services at ICANN told the meeting, starting with the L root server, then A root server with the last being the J root server as all are gradually signed. more

Cyber Crime: It's All About Data (Part 2)

In this part I want to focus on the gathering of cyber crime data. Are there best practices in the world on how cyber crime data is reported to law enforcement and aggregated to show the impact of said crime? Previously the discussion focused on the fact that cyber crime = crime and on a basic cyber (crime) training for every police officer. From the reactions this received, it is clear that some people see this as a possible solution. more

Over $31 Million Stolen by Hackers from Russian Central Bank

Hackers have stolen over 2 billion rubles ($31 million) from correspondent accounts at the Russian central bank, the bank reported today. more

Japan Developing Distinctive Anti-Cyberattack Virus

The Japanese Defense Ministry is creating a computer virus capable of tracking, identifying and disabling sources of cyberattacks, according to reports. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment. "The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus." more

BBC Creates Smartphone Malware to Expose Vulnerabilities

BBC News has shown how straightforward it is to create a malicious application for a smartphone. Over a few weeks, the BBC put together a crude game for a smartphone that also spied on the owner of the handset. The application was built using standard parts from the software toolkits that developers use to create programs for handsets. more

Industry Updates