Cybersecurity |
Sponsored by |
Nobody loves a good crisis more than a hacker and, by anyone's definition, coronavirus is a big, fat stinking crisis that almost everyone on earth is sitting in the middle of. For most of us, a crisis brings out the best. First responders and the healthcare systems are replete with stories of superhuman sacrifice and commitment to others. Unfortunately, it is this commitment to the work at hand that puts cybersecurity on the back burner and increases the chance of a breach, break-in, or general mischief. more
Bangladesh's central bank governor has resigned today amidst theft of $81 million from the bank's U.S. account, as details emerged in the Philippines that $30 million of the money was delivered in cash to a casino junket operator in Manila. more
A power blackout in Ukraine's capital Kiev last month was caused by a cyber attack, according to Ukraine's National power company, Ukrenergo which hired investigators to help it determining the cause. more
In a recent blog post, Dan Jaffe, Association of National Advertisers' Executive VP of Government Relations, shares some concerns about ICANN's "overly rapid Top Level Domain rollout". more
Continued exploitation of the financial crisis to scam users with fake financial transactions services, fake investment firms, and fake legal services is the top trend to emerge for 2009 according threat predictions by McAfee. "Computer users face a dangerous one-two punch today," said Jeff Green, senior vice president of McAfee Avert Labs, McAfee's research group. "The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike." more
President Obama is seeking a 35 percent increase in cybersecurity funding in his final budget to boost the capability of the federal government to defend itself against cyberattacks, reports Ellen Nakashima in the Washington Post. more
Change is hard, and the larger the system, the slower the pace of change. There are just so many systems that need to change their behaviors, and the motivations of users, vendors, service providers, content generators and many others all vary. Getting all of us to change some aspect of our technology, platform or application set is hard, if not impossible, to orchestrate such that it happens at the same time. more
An apparently legitimate ISP in Tartu, Estonian is reported to have been serving as the operational headquarters of a large cybercrime network since 2005 according to TrendWatch, the security research arm of TrendMicro. "An Estonian company is actively administering a huge number of servers in numerous datacenters, which together form a network to commit cybercrime. It appears that the company from Tartu, Estonia controls everything from trying to lure Internet users to installing DNS changer Trojans by promising them special video content, and finally to exploiting victims' machines for fraud with the help of ads and fake virus infection warnings..." more
"Three years after hackers used a spearphishing attack to successfully gain access to internal data at the Internet Corporation for Assigned Names and Numbers (ICANN), the data is still being passed around and sold on black markets for $300, complete with claims that it’s never been leaked before," reports Patrick O'Neill in CyberScoop. more
Brian Krebs reporting on the Krebs on Security blog: "The FBI's top anti-cyber crime official today said the agency is planning a law enforcement action against so-called 'money mules,' individuals willingly or unwittingly roped into helping organized computer crooks launder money stolen through online banking fraud." more
The latest issue of Policy Review from the Hoover Institution, a public policy research center -- focused on advanced study of politics, economics, and political economy -- has an essay titled eWMDs – electronic weapons of mass destruction. The Policiy Review readers are warned that botnets should be considered a serious security problem and that "cyber attacks present a grave new security vulnerability for all nations and must be urgently addressed." more
Anti-Phishing Working Group (APWG) released its latest Phishing Activity Trends Report today warning that the number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement. "The number of hijacked brands ascended to an all-time high of 310 in March and remained, in historical context, at an elevated level to the close of the half in June," says the report. more
We are all aware of the steps for mitigating the spread of the novel coronavirus (COVID-19): Wash your hands; Practice social distancing; Report exposure.But these are not the only activities to practice right now. Cyber-criminals are taking advantage of this health crisis and the emotional upheaval it creates to perpetrate their crimes. Therefore, we also need to exercise good internet hygiene. In a time of crisis or tragedy, bad actors don't slow down; their efforts amplify. more
"Hackers infect army of cameras, dvrs for massive internet attacks," reports Drew Fitzgerald in the Wall Street Journal. more
In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. Recursion disabled servers, when asked to resolve a name, will only answer for names that they are authoritative for. It will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over... more