IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.Jim Croce's famous song "I got A Name" may one day need to be changed to "I got A Domain" if current Internet growth rates remain the same. Today there over 70 million registered Internet domain names across the globe, according to Dotster, Inc., a leading provider of Internet domain name and hosting services...
"While more and more businesses are taking advantage of the innovation and power offered by the Internet by registering domains, an equal number of individual users are registering for domain names as well. In fact, with the Internet becoming such a ubiquitous part of everyday life and commerce, one can imagine a day when every individual and every corporation will have a domain name just as they do a social security number or corporate tax ID," says Kevin Kilroy, Chairman, Dotster, Inc. more»
A number of flaws in the software that is used to administer the Internet's DNS (domain name system) has been discovered by researchers at Finland's University of Oulu.
The vulnerabilities could be exploited to "cause a variety of outcomes," including crashing the DNS server or possibly providing attackers with a way to run unauthorized software, according to an advisory posted Wednesday by the U.K.'s National Infrastructure Security Co-ordination Center. more»
Microsoft Research has released a new tool to help pinpoint large-scale typo-squatters that are known to be gaming pay-per-click domain parking services.
The lightweight prototype, called Strider URL Tracer, builds on the work within Microsoft's Cybersecurity and Systems Management group to keep tabs on a sophisticated typo-squatting scheme that uses multilayer URL redirection to make money from Google's AdSense for domains program. more»
With VoIP starting to live up to some of the hype, university researchers are looking to ensure that the technology's momentum in corporate and residential markets won't be ruined by myriad security threats.
The National Science Foundation this week said it has issued $600,000 to the University of North Texas to spearhead development of a multi-university test bed to study VoIP security. Other participants are Columbia University, Purdue University and the University of California-Davis. more»
Three U.S. academics have published research into why phishing scams are still finding success, years after widespread public warnings first appeared.
Most people have received an e-mail purporting to be from a bank or other online service that asks for personal and financial details. Occasionally, it has been for a bank or service for which the recipient is a customer. Even in that situation, many people still know to be wary. more»
At the fourth annual MIT Spam Conference held in Boston Tuesday, speakers said that while the volume of spam ebbs and flows, the nature of unwanted email is steadily becoming more dangerous...
Fresh from an IETF meeting last week, Sendmail's Chief Science Officer Eric Allman spoke about the progress being made with DomainKeys Identified Mail (DKIM), a sender-authentication proposal from Yahoo and Cisco that's wending its way through the standards body, and how it can be used to fight phishing. more»
The fight against spam, phishing and e-mail fraud should focus on economic incentives and aiding law enforcement, according to attendees at a conference examining the problem this week.
Speakers at MIT's 2006 Spam Conference were notably cognizant of the recent proposals of white lists and AOL's Goodmail, a pay per e-mail service offering preferential treatment in e-mail delivery for marketers. It is also one year since the implementation of Can-Spam, the federal law that sets e-mail marketing standards and makes it less complicated for law enforcement to go after John Doe spammers. more»
Hackers have launched distributed denial of service attacks against the Domain Name System (DNS) servers of a brace of domain name registrars over recent days. The motive for the separate attacks against VeriSign and Joker.com remains unclear.
VeriSign said the attack on its name servers caused a "brief degradation" in the quality of its service to customers for around 25 minutes on Tuesday afternoon, ComputerWorld reports. Domain registrar Joker.com is recovering from an attack on its name servers last week that lasted for six days up until last Sunday. Joker.com, which is based in Germany, handles the registration of approximately 550,000 domains. more»
"DNS is now a major vector for DDOS," Dan Kaminsky, a security researcher said, referring to distributed denial-of-service attacks. "The bar has been lowered. People with fewer resources can now launch potentially crippling attacks."
Just as in any DDOS attack, the target system -- which could be a victim's Web server, name server or mail server -- is inundated with a multitude of data coming from multiple systems on the Internet. The goal is to make the target unreachable online by flooding the data connection or by crashing it as it tries to handle the incoming data. more»
ISPs and e-commerce sites can employ more tools to combat phishing scams, including "white lists" of legitimate Websites and using false identification information to scam the scammers, according to a report released Thursday.
The report, released by a coalition of consumer groups, technology vendors, financial services organizations and law enforcement agencies, also calls on Internet companies to step up their consumer education efforts. more»
Eight of the world's largest domain registrars have sent an open letter to ICANN Chairman Vint Cerf, stating their formal opposition to the revised proposition with VeriSign for continued control of the Internet registry.
The eight signatories, which lay claim to 25 million domain names, or 57 percent of those currently registered, are GoDaddy, Network Solutions, Tucows, Register.com, BulkRegister, Schlund + Partner AG, Melbourne IT and Intercosmos Media Group.
more»
Malicious hackers who are able to hijack an organization's Web domain may be able to steal traffic from the legitimate Web site long after the domain has been restored to its owner, according to a recent report.
Design flaws in the way Web browsers and proxy servers store data about Web sites allow malicious hackers to continue directing Web surfers to malicious Web pages for days or even months after the initial domain hijacking. more»
Faced with increasing demand for Internet protocol addresses, better quality of service and security, the Telecom Regulatory Authority of India (Trai) today recommended a transition from the existing version of internet protocol (IPv4) to the next-generation IPv6 platform.
The regulator has proposed the setting up of a National Internet Registry (NIR) in the country, within the framework of the Asia Pacific Network Information Centre (APNIC), and the Regional Internet Registry, utilizing the existing set-up of National Internet Exchange of India (NIXI). Currently all users in India buy their Internet protocol addresses from the APNIC. more»
Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community. Here are some of the phishing trends and innovations we noted in 2005...
Open redirects became a favorite method for phishing attacks to "borrow" the URL and credibility of a trusted web site. Redirects are common on large web sites, where server side scripts are employed to redirect users to different parts of the site. more»
More than 5% of the net's most popular domains have been registered using "patently false" data, research shows.
A US congressional report into who owns .com, .net and .org domains found that many owners were hiding their true identity. The findings could mean that many websites are fronts for spammers, phishing gangs and other net criminals. more»
