Cybercrime

Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Cybercrime / News Briefs

New Law Will Prevent Domain Registration of Another Living Person

A domain name bill by New York State Senator, Betty Little, will be taking effect in 120 days aimed at preventing any individual from registering a domain name - with the intent to profit - that resembles another living person or business. From the press release: "The law provides for a civil penalty of up to $1,000 for each day the violation occurs. In addition, the New York State Attorney General is enabled to apply to the Supreme Court for an injunction, including forfeiture or cancellation of the domain name..." more

DNS Attack: 10-Year-Old Security Problem Is Back Haunting Corporate IT

At the Black Hat conference, security researcher Dan Kaminsky showed how problems in the way browser software works with the Internet's Domain Name System (DNS) could be exploited to give attackers access to any resources behind the corporate firewall. The key problem is the way web browsers determine how to trust other computers, says Kaminsky. This decision is based on the Internet domain name of the computer, and that DNS information can be misused... more

New Report Warns Against "DNS Forgery Pharming" on BIND 9

In a recent report released by Trusteer, security researcher Amit Klein has cracked BIND's random number generator and demonstrated a new attack affecting most Internet users. In this "DNS Forgery Pharming" attack fraudsters can remotely force consumers to visit fraudulent websites without compromising any computer or network device. more

CADNA Launches National Campaign Against Typosquatting

The Coalition Against Domain Name Abuse (CADNA), a non-profit organization based in Washington D.C., is confronting 'cybersquatting', or as defined in the report today, the fraudulent abuse of domain name registration that threatens the future viability of Internet commerce. From today's release: "To effectively combat cybersquatting, CADNA will work at the federal and international levels to make these fraudulent practices difficult to establish and unprofitable to maintain. Among the coalition's goals are to pursue congressional legislation that would increase the statutory damages set forth by the existing Anti-Cybersquatting Consumer Protection Act..." more

Businesses Losing Battle Against DNS Attack, Says New Study

According to a new research study, companies are in struggle to keep their DNS (Domain Name Systems) protected from malicious attackers. Many businesses remain vulnerable, as over half the respondents reported having fallen victim to some form of malware attack. Over one third had been hit by a denial-of-service attack while over 44 percent had experienced either a pharming or cache poisoning attack. more

4,000 iPhone Domains Registered, Expected to Double Before Year's End

The Associated Press is reporting today that although the 'iPhone.com' domain name was grabbed long before January 9th, when Apple announced its new gadget, speculators have been registering thousands of iPhone-related domain names such as 'iPhoneJewelry.com' and 'TheAppleMaciPhone.com'. Although the registrations dropped to 25 per day for a while, they have picked up rapidly and more than 350 iPhone related domain names were registered in a day last week. more

Petition Launched on YouChoose.net Against Domain Name Parking

Co-Founder of YouChoose, Mike Dever says in a report released today that a petition has been launched on YouChoose.net at the end of last week against domain name parking". YouChoose is a social network for setting up and supporting 'Pledge Campaigns' and 'Petitions'. Dever says that the campaign against domain name parking and cybersquatting has "immediately attracted hundreds of signatures from concerned website owners. We realize that the issue of domain name parking is very complex..." more

California Man Gets 6 Years in Prison for Phishing

A California man who was found guilty earlier this year for operating a sophisticated phishing scheme that attempted to deceive thousands of AOL users has now received a prison sentence of 70 months -- a fraction of the 101 years he could have been given. InformationWeek reports: "In the first jury conviction under the Can-Spam Act of 2003, Jeffrey Brett Goodin, of Azusa, Calif., was convicted of sending thousands of e-mails set up to appear to be from AOL's billing department to the company's users, prompting them to reply with personal and credit-card information. He then used the information to make unauthorized purchases, according to the U.S. Attorney's Office in Los Angeles." more

Business 2.0 Does Front Page Story on the Most Powerful Unknown Domainer

Business 2.0 Magazine is running a front page story on Kevin Ham, considered as one of the most powerful "domainer", and how he has managed to build a $300 million empire using everything from domain tasting to typo-squatting the entire nation of Cameroon. From the article, "Ham's people installed a line of software, called a 'wildcard,' that reroutes traffic addressed to any .cm domain name that isn't registered. In the case of Cameroon, a country of 18 million..." more

IPv6 Flaw Could Amplify DDoS Attacks

This week, experts sent two drafts to the Internet Engineering Task Force (IETF) proposing different ways of fixing a problem in the way that Internet Protocol version 6 (IPv6) allows the source of network data to determine its path through the network. The drafts recommend that the IPv6 feature should either be eliminated or, at the very least, disabled by default. more

Starbucks Chairman, Founder Called Typosquatter and Typosquasher

Starbucks chairman and founder, Mr. Schultz's venture capital firm, Seattle-based Maveron, and H. Ross Perot's investment arm last month plowed $38 million into iREIT, a Houston-based company that has been accused of typosquatting by telecom giant Verizon. But earlier this year, Maveron also invested in Aliso Viejo, California-based CitizenHawk, which makes software that helps trademark holders identify typosquatters and initiate legal action against them. more

New Wave of Illegal Activity Breed of So-Called P2P Worm

Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace.

Security experts have predicted over the last several years that botnets of hijacked PCs would pose one of the staunchest challenges faced by the IT community as criminals discovered new ways to use them to deliver attacks. more

Microsoft Investigating Windows DNS Server Attacks

Microsoft is investigating attacks exploiting a vulnerability in the Windows Server Domain Name System Service, as well as two types of hacks targeting Vista's OEM BIOS activation feature... "Our investigation reveals that this vulnerability could allow a criminal to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM," a Microsoft spokesperson said. more

US Homeland Security Wants Control Over DNS

The US Department of Homeland Security (DHS), which was created after the attacks on September 11, 2001 as a kind of overriding department, wants to have the key to sign the DNS root zone solidly in the hands of the US government... During the current ICANN meeting in Lisbon, Bernard Turcotte, president of the Canadian Internet Registration Authority (CIRA) drew everyone's attention to this proposal as a representative of the national top-level domain registries (ccTLDs). more

Microsoft Launches Court Actions Against Cybersquatters

Microsoft is launching a string of court actions in the United States and Europe against cybersquatters, the Financial Times reported on Wednesday.

"Cybersquatting is a growing problem for brands around the world and we hope to educate other brand holders and encourage them to take action," Aaron Kornblum, a senior Microsoft lawyer, told the business daily. more

Industry Updates

Typosquatting Data Feed Can Enhance Lloyds Bank's Typosquatting Protection

60+ PayPal Potential Typosquatting Domains Detected in the Beginning of June

Typosquatting Domains Every AppleID Owner Should Avoid

Shopping and the Pandemic: Increased Reliance on Mobile Apps 

Typosquatting Protection: A Look into Instagram-Themed Domain Names

Investigating Typo Domains Beyond Credit Suisse's Spying Scandal

IP Geolocation Intelligence: An Aid Against Location-Based Threats?

How to Avoid Phishing Campaigns Targeting CARES Act Recipients

Newly Registered Domains Database Shows Threat Actors Exploit the Need for N95 Masks amid the Pandem

Domain and IP Intelligence Checks Following the Launch of the COVID-19 Solidarity Response Fund

Under the Hood of 3M- and 3M Mask-Themed Recently Registered Domains

Domain Intelligence Shows Cybercriminals May Abuse Video-Conferencing Services' Brand Names

How Cyber Threat Intelligence Feeds Can Support MSSPs

Brand Monitor and Typosquatting Data Feed: Two Assets to Support Spear-Phishing Prevention

Combating COVID-19 Cybercrime – What Internet Infrastructure Providers Like Afilias Are Doing