Kevin Murphy reporting in DomainIncite: "Interpol plans to apply to join ICANN's Governmental Advisory Committee as an observer, according to ICANN. The news came in a press release this evening, detailing a meeting between ICANN president Rod Beckstrom and Interpol secretary general Ronald Noble. The meeting 'focused on Internet security governance and enhancing common means for preventing and addressing Internet crime'." more»
Microsoft Program Manager, Jeb Haber, reports in a blog post that from browser data collected on user downloads, 1 out of every 14 programs downloaded is later confirmed as malware. Haber says: "Consumers need information to make better decisions. That said, IE9 adds another layer of defense against socially engineered attacks that now looks at the application being downloaded -- this is in addition to the URL-based protection described above. This new layer of protection is called SmartScreen Application Reputation." more»
With cybercrime now the second largest criminal activity in the world, measures such as the creation of an 'Internet Interpol [International police]' and better cooperation between international law enforcement agencies are needed if criminals are to be curtailed in the future, Kaspersky Labs founder and security expert, Eugene Kaspersky, has argued. Speaking at AusCERT 2011, the Moscow-based Kaspersky said the last five years had proved to be the "Golden Age" of cyber crime... more»
Declan McCullagh reports in CNet News: "The White House today sent Congress a proposed cybersecurity law designed to force companies to do more to fend off cyberattacks, a threat that has been reinforced by recent reports about vulnerabilities in systems used in power and water utilities. This proposal seems designed to prod the legislative branch to enact some variety of cybersecurity legislation..." more»
A recently conducted analysis of Canada's cyber security risk profile by Websense has detected trends indicating Canada is becoming the new launchpad for cybercriminals. Sr. Manager, Security Research at Websense in a blog post writes: "Cybercriminals are on the move again. And, this time, Canada is the prime target. IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. So hackers are on a quest to move their networks to countries, like Canada, that have better cyber reputations." more»
The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more»
NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years. more»
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more»
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more»
Researchers at Texas A&M University say they have a new method for finding domain-fluxing botnets, which evade detection by constantly alternating domain names. Dr. Narasimha Reddy, who works in the University's Department of Electrical and Computer Engineering, collaborated with student Sandeep Yadav and Ashwath Reddy, as well as with Supranamaya "Soups" Ranjan with Narus Inc., to develop the new method. It can be used to detect botnets like Conficker, Kraken and Torpig, which use the so-called DNS domain-fluxing... more»
Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more»
Kevin Murphy reporting in The Register: "Cyber cops from both sides of the Atlantic are meeting with domain name registrars in Brussels today to try to figure out ways to crack down on internet crime. This second meeting of the 'EU-US working group on cyber security and cybercrime' is dedicated to increasing cooperation between law enforcement agencies and the companies that unwittingly sell web addresses to online crooks, according to attendees." more»
Reported in TorrentFreak: "The US Government has yet again shuttered several domain names this week. The Department of Justice and Homeland Security's ICE office proudly announced that they had seized domains related to counterfeit goods and child pornography. What they failed to mention, however, is that one of the targeted domains belongs to a free DNS provider, and that 84,000 websites were wrongfully accused of links to child pornography crimes. As part of "Operation Save Our Children" ICE's Cyber Crimes Center has again seized several domain names, but not without making a huge error." more»
Aliya Sternstein reporting in Nextgov: "The Homeland Security Department has requested an unprecedented $936 million in funding for fiscal 2012 to grow the federal cybersecurity workforce and enhance network protections. President Obama's budget would grant DHS, which last year assumed responsibility for governmentwide cyber operations, a $100 million increase over funding enacted the last time Congress passed full-year appropriations in 2010." more»
In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to the Cisco® 2010 Annual Security Report, released today. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in "money muling," and that users continue to fall prey to myriad forms of trust exploitation. more»
