A recently conducted analysis of Canada's cyber security risk profile by Websense has detected trends indicating Canada is becoming the new launchpad for cybercriminals. Sr. Manager, Security Research at Websense in a blog post writes: "Cybercriminals are on the move again. And, this time, Canada is the prime target. IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. So hackers are on a quest to move their networks to countries, like Canada, that have better cyber reputations." more»
Iran has been hit by a second computer virus according to a senior military official, suggesting it was part of a concerted campaign to undermine the country's disputed nuclear program. Gholam Reza Jalali, the head of an Iranian military unit in charge of combatting sabotage, said on Monday that experts discovered the "espionage virus," which he called "Stars." more»
The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more»
In a SecurityWeek article today, Ram Mohan writes: "Just over two years ago, the Internet held its breath. The high-profile, widely proliferated Conficker worm had been in the wild from October 2008; its largest mutation was revealed in February 2009, with a widely publicized activation date of April 1, 2009. ... What we do know: Conficker could have proved much more damaging than it ultimately did, and the threat has not entirely disappeared." more»
NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years. more»
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more»
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more»
Researchers at Texas A&M University say they have a new method for finding domain-fluxing botnets, which evade detection by constantly alternating domain names. Dr. Narasimha Reddy, who works in the University's Department of Electrical and Computer Engineering, collaborated with student Sandeep Yadav and Ashwath Reddy, as well as with Supranamaya "Soups" Ranjan with Narus Inc., to develop the new method. It can be used to detect botnets like Conficker, Kraken and Torpig, which use the so-called DNS domain-fluxing... more»
Neil Schwartzman writes: "There is a lot of press on the profound effect the take-down of the Rustock botnet, affected by Microsoft, some U.S. federal agencies, and countless others working in the background to assist in the effort. CAUCE has aggregated a few of the best stories and data-points. A community congratulations, and thank-you to all those involved!" more»
Only 39 percent of computers scanned in February were infected with malware, compared to 50 percent last month, according to recent data gathered by Panda Security. Trojans were found to be the most prolific malware threat, responsible for 61 percent of all cases, followed by traditional viruses and worms which caused 11.59 percent and 9 percent of cases worldwide, respectively. more»
Mathew Schwartz reporting in InformationWeek: "Security researchers detail the high level of international coordination required to hinder the worm's spread. On Monday, the Rendon Group released a report, funded by the Department of Homeland Security, rounding up the 15-person-strong working group's 'lessons learned.' The report highlighted the group's biggest achievement: "preventing the author of Conficker from gaining control of the botnet." Doing so, however, required coordinating with organizations in more than 100 countries..." more»
In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to the Cisco® 2010 Annual Security Report, released today. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in "money muling," and that users continue to fall prey to myriad forms of trust exploitation. more»
From the Economist on the long life of spam: "The criminal businesses that rely on spam are most at risk in law-abiding bits of the real world, such as America. Just like honest businesses, they appreciate its robust networks, reliable web-hosting. But law-enforcement agencies and internet security companies are also more active in such countries and have started working closely together. When Mr Bruen presents evidence to reputable hosting companies in America that their customers are fraudsters, they unplug them. Police agencies are increasingly interested to hear from him and fellow experts about the others. That, says Mr Bruen, reflects an important point. The word “cyber” in cybercrime obscures real crimes committed in real places." more»
McAfee, Inc. today unveiled its McAfee Threats Report: Third Quarter 2010, which uncovered that average daily malware growth has reached its highest levels, with an average of 60,000 new pieces of malware identified per day, almost quadrupling since 2007. At the same time, spam levels decreased in volume this quarter, both globally and in local geographies. Spam hit a two year low this quarter while malware continued to soar. More than 14 million unique pieces of malware were identified in 2010, one million more than Q3 2009. more»
Michel van Eeten reports in IGP: "Last week, the Dutch police managed to shut down the 'Bredolab' botnet. At least, that is what they claimed during the worldwide media coverage that followed. A few days later, while the policy was still basking in the praise for its success, the botnet was resurrected. Embarrassing? Yes. Surprising? Not really. It highlights a fundamental misunderstanding about the fight against botnets. Contrary to what the Dutch police claimed and many people think, law enforcement cannot shut down botnets. It is important to understand why and what the implications are of this sobering thought..." more»
