Cybersecurity

 Sponsored
by

Cybersecurity / Featured Blogs

VoIP/IP Telephony in Estonia: Disrupted by Botnets?

May 21, 2007

With my post earlier this month about the possibility of SIP botnets [also featured here on CircleID], I've had a number of people asking about more information and wondering about the possible impacts. And while I will write more on botnets in general, as far as the potential impact of "botnets" in general, one need only look over at the current situation in Estonia... Now, perhaps Russia is behind the attack... perhaps not. There are obviously much larger political issues going on between the two states. more

Book Review: Sex.com by Kieren McCarthy

May 14, 2007

On the face of it, Kieren McCarthy's Sex.com was a book that could have written itself: a notorious, well-publicised feud over the most valuable domain name in existence, between two charismatic men -- one a serial entrepreneur with a weakness for hard drugs (Gary Kremen), the other a gifted con-man with delusions of grandeur (Stephen Cohen). It's a story replete with vicious acrimony, multi-million dollar lawsuits, and rumours of gunfights between bounty hunters in the streets of Tijuana. Thankfully, McCarthy wasn't content to just bundle together all the articles he's written about Sex.com over the years and slap a cover on the front... more

More on Broadband Router Insecurity and Being Proactive

May 13, 2007

Fergie replied on NANOG to my recent post on the subject of broadband routers insecurity: "I'll even go a step further, and say that if ISPs keep punting on the whole botnet issue, and continue to think of themselves as 'common carriers' in some sense -- and continue to disengage on the issue -- then you may eventually forced to address those issues at some point in the not-so-distant future..." He is right, but I have a comment I felt it was important - to me - to make. Not just on this particular vulnerability, but on the "war"... more

Ailing ETO-2002 and the Demise of PKI

May 13, 2007

The only Cyber law passed in Pakistan till date is the famous ETO-2002 (Electronic Transaction Ordinance - 2002). It required Ministry of IT&T to set up a Central Repository for all digital certificates and in addition to set up a body to be named as Electronic Certification Accreditation Council (ECAC) to accredit Electronic Certification Authorities to be established in the country... In this regard, government has not only closed its eyes and has blindly trusted the only certificate authority (CA) in the country operated by a private business group, it has also mandated the citizens and business to trust it. Case in point is Central Board of Revenue (CBR) that has told all taxpayers to digitally sign the emails using the certificates issued by this private party... more

Broadband Routers and Botnets: Being Proactive

May 12, 2007

In this post I'd like to discuss the threat widely circulated insecure broadband routers pose today. We have touched on it before. Today, yet another public report of a vulnerable DSL modem type was posted to bugtraq, this time about a potential WIRELESS flaw with broadband routers being insecure at Deutsche Telekom. I haven't verified this one myself but it refers to "Deutsche Telekom Speedport w700v broadband router"... more

Ready or Not… Here Come the IRC-Controlled SIP/VoIP Attack Bots and Botnets!

May 09, 2007

A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more

Put Security Alongside .XXX

Apr 03, 2007

Isn't security as important to discuss as .XSS? The DNS has become an abuse infrastructure, it is no longer just a functional infrastructure. It is not being used by malware, phishing and other Bad Things [TM], it facilitates them. Operational needs require the policy and governance folks to start taking notice. It's high time security got where it needs to be on the agenda, not just because it is important to consider security, but rather because lack of security controls made it a necessity. more

.COM and .NET: Thick Or Thin?

Apr 02, 2007

The fallout from the failure of RegisterFly has been largely addressed as an issue of regulation and enforcement. ...ICANN has not historically enforced the escrow obligation, and in any case, if a company has failed, who exactly is going to take responsibility for updating the escrowed data? It seems to me that the problems that have arisen as a result of RegisterFly's collapse have more to do with the design of the "shared registry system" for the .COM and .NET TLDs than they do with ICANN's failure to enforce the RAA. more

Ongoing Internet Emergency and Domain Names

Mar 31, 2007

There is a current ongoing Internet emergency: a critical 0day vulnerability currently exploited in the wild threatens numerous desktop systems which are being compromised and turned into bots, and the domain names hosting it are a significant part of the reason why this attack has not yet been mitigated. This incident is currently being handled by several operational groups. This past February, I sent an email to the Reg-Ops (Registrar Operations) mailing list. The email, which is quoted below, states how DNS abuse (not the DNS infrastructure) is the biggest unmitigated current vulnerability in day-to-day Internet security operations, not to mention abuse. more

Why I Voted for .XXX

Mar 30, 2007

The ICANN Board voted today 9-5, with Paul Twomey abstaining, to reject a proposal to open .xxx. This is my statement in connection with that vote. I found the resolution adopted by the Board (rejecting xxx) both weak and unprincipled... I am troubled by the path the Board has followed on this issue since I joined the Board in December of 2005. I would like to make two points. First, ICANN only creates problems for itself when it acts in an ad hoc fashion in response to political pressures. Second, ICANN should take itself seriously as a private governance institution with a limited mandate and should resist efforts by governments to veto what it does. more

Industry Updates

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

Uncovering Suspicious Download Pages Linked to App Installer Abuse

On the DNS Trail of the Rise of macOS Backdoors

Checking Out the DNS for More Signs of ResumeLooters

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Searching for Potential Propaganda Vehicle Presence in the DNS

Following the VexTrio DNS Trail

DarkGate RAT Comes into the DNS Spotlight

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

DNS Deep Diving into Pig Butchering Scams

The New RisePro Version in the DNS Spotlight

CSC Partners with NetDiligence to Help Mitigate Cyber Risks and Support the Cyber Insurance Ecosystem

  • By CSC
  • Feb 21, 2024

Tracking Down Sea Turtle IoCs in the DNS Ocean

View More