Cybersecurity

Sponsored
by

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Cybersecurity / Recently Commented

More on Broadband Router Insecurity and Being Proactive

Fergie replied on NANOG to my recent post on the subject of broadband routers insecurity: "I'll even go a step further, and say that if ISPs keep punting on the whole botnet issue, and continue to think of themselves as 'common carriers' in some sense -- and continue to disengage on the issue -- then you may eventually forced to address those issues at some point in the not-so-distant future..." He is right, but I have a comment I felt it was important - to me - to make. Not just on this particular vulnerability, but on the "war"... more

Ailing ETO-2002 and the Demise of PKI

The only Cyber law passed in Pakistan till date is the famous ETO-2002 (Electronic Transaction Ordinance - 2002). It required Ministry of IT&T to set up a Central Repository for all digital certificates and in addition to set up a body to be named as Electronic Certification Accreditation Council (ECAC) to accredit Electronic Certification Authorities to be established in the country... In this regard, government has not only closed its eyes and has blindly trusted the only certificate authority (CA) in the country operated by a private business group, it has also mandated the citizens and business to trust it. Case in point is Central Board of Revenue (CBR) that has told all taxpayers to digitally sign the emails using the certificates issued by this private party... more

Broadband Routers and Botnets: Being Proactive

In this post I'd like to discuss the threat widely circulated insecure broadband routers pose today. We have touched on it before. Today, yet another public report of a vulnerable DSL modem type was posted to bugtraq, this time about a potential WIRELESS flaw with broadband routers being insecure at Deutsche Telekom. I haven't verified this one myself but it refers to "Deutsche Telekom Speedport w700v broadband router"... more

IPv6 Flaw Could Amplify DDoS Attacks

This week, experts sent two drafts to the Internet Engineering Task Force (IETF) proposing different ways of fixing a problem in the way that Internet Protocol version 6 (IPv6) allows the source of network data to determine its path through the network. The drafts recommend that the IPv6 feature should either be eliminated or, at the very least, disabled by default. more

Ready or Not… Here Come the IRC-Controlled SIP/VoIP Attack Bots and Botnets!

A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more

New Wave of Illegal Activity Breed of So-Called P2P Worm

Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace.

Security experts have predicted over the last several years that botnets of hijacked PCs would pose one of the staunchest challenges faced by the IT community as criminals discovered new ways to use them to deliver attacks. more

DHS Unprepared for DNS Security

Amid the outcry over allegations that the Department of Homeland Security (DHS) wants the security keys to the DNSSEC encryption technology slowly -- very slowly -- being adopted by internet overlord ICANN, one ICANN board member, Susan Crawford, warns the DHS is woefully unprepared for what lies ahead. more

Microsoft Investigating Windows DNS Server Attacks

Microsoft is investigating attacks exploiting a vulnerability in the Windows Server Domain Name System Service, as well as two types of hacks targeting Vista's OEM BIOS activation feature... "Our investigation reveals that this vulnerability could allow a criminal to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM," a Microsoft spokesperson said. more

Catching Phishy Domains Before They Go Live

Jackson, a 26-year-old developer from New Bedford, Massachusetts, who works for the Massachusetts Department of Public Health, is spending his spare time on a Web-based application called Crows Nest. It's designed to alert users when newly registered domain names that are likely to be used as phishing sites go live on the Internet. more

New IAB Chair Talks About DNS Security

Olaf Kolkman, a Dutch DNS expert, is the new chair of the Internet Architecture Board, a panel of 13 leading network engineers who provide technical oversight to the IETF, the Internet's premier standards-setting body. Kolkman says in a recent interview that DNSSEC isn't a failure, but it will take a while for the security extensions to become widely deployed. more

China Slashes .CN Domain Price to 13 Cents

CHINA'S top Internet address registration agency has slashed the price of domain names ending with .cn to one yuan (13 US cents) a year in order to win users from the ".com" service, whose server is overseas.

The China Internet Network Information Center, or CNNIC, said the promotion is for the sake of national information security and to increase Internet use in the world's second-largest Web market. more

Anti-DNS Google Desktop Attack Reported

Google's PC search software is vulnerable to a variation on a little-known Web-based attack called anti-DNS (Domain Name System) pinning, that could give an attacker access to any data indexed by Google Desktop, security researchers said this week.

...Anti-DNS pinning is an emerging area of security research, understood by just a handful of researchers, said Jeremiah Grossman, chief technical officer at WhiteHat Security. more

Microsoft to License Netcraft's Phishing Site Feed

Microsoft has licensed Netcraft's Phishing Site Feed for use in its Microsoft Phishing Filter Service, providing users of Internet Explorer 7 protection against the latest phishing attacks reported by the Netcraft Toolbar Community.

Microsoft's inclusion of Netcraft data in the Microsoft Phishing Filter was announced by Microsoft chairman Bill Gates during his keynote speech at the RSA Conference in San Francisco. more

Phishing Attacks Surpass Viruses and Trojans

Phishing attacks have outnumbered emails infected with viruses and Trojan horse programs for the first time, according to security experts.

...The difference in the ratio of phishing to virus attacks is partly due to virus attacks becoming more targeted and no longer occurring as one large outbreak. This includes the recent Storm Worm and Warezov attacks, according to MessageLabs. more

ICANN's Last Call for Whois Comments

From "Last Call for Whois Comments", a recent opinion piece by eWeek's Security Center Editor Larry Seltzer: "It's not a good sign when the criminals and the lawyers are on the same side of an issue; there may be no good solution to the problems of Whois service rules. Who would have imagined that so much business and so much abuse would center around Internet domain names? Certainly not the designers of the system, including those of the Whois service, which reports on ownership and some other data on domain names... more

Industry Updates