Security

Noteworthy

IPv6 represents new territory for most Internet stakeholders, and its rollout will introduce some unique security challenges.

Security / Recently Commented

Cyberattack Takes Kyrgyzstan Offline

A Russian "cyber-militia" has effectively knocked the central Asian republic of Kyrgyzstan offline in recent days, according to an Internet security expert, in the latest apparent example of geopolitical tensions playing out on the Web. Since Jan. 18, the country of 5.3 million has come under a massive cyber-attack, according to Don Jackson, director of threat intelligence at Atlanta Internet security firm SecureWorks Inc. more»

The IPv6 Inconvenient Truth: Deployment Could Cause Network Problems, Threaten Cybersecurity

The move to Internet Protocol version 6 (IPv6) could have a profound effect on the Internet, breaking it up into islands of connectivity and threatening cybersecurity in the process, according to Jeff Young, a senior analyst at the Burton Group. As the IPv4 free address pool continues to dwindle, enterprises can expect to see IPv6-only hosts on the Internet within a three-year timeframe, Young said. In the report, "IPv4 Address Exhaustion: An Inconvenient Truth," Young addresses the incompatibility of IPv4 and IPv6 and some of the problems that need to be addressed during the changeover. more»

Investigation on Whether Cyber Criminals Avoid Infecting Local Citizens and Why

In a report on Washington Post's Security Fix, Brian Krebs writes: "Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which by some estimates is infecting more than one million new PCs each day -- shows that trend may be shifting." Based on an analysis by Microsoft experts, the original version of the Downadup (also known as "Conficker") worm will not install if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. more»

Security Psychology

I just came across a post telling of the Security and Human Behavior workshop. As some of you may be aware, I've been researching this subject for about two years now, and I am very excited that a conference has now happened! It means I did not waste the last two years of my life after all! more»

Tough Economy Requires Knowledge and Vigilance Online

If current predictions are correct, 2009 will be a tougher year than 2008 in terms of the economy. In tough economic times such as these it becomes increasingly important for us to follow recommended safety practices when going online. As the numbers of Internet-related fraud and financial scams continue to increase we should expect the current economic situation to produce more victims of cybercrime. Knowledge and vigilance are the keys to remaining safe while online. more»

Internet Population Passes 1 Billion, and We're Still Afraid

We're learning this week that we have officially passed the one billion number in terms of people using the Internet. Eric Schonfeld writes in his article on TechCrunch that the number is probably higher than that. One billion is a staggering number, even though it makes up only 15 to 22 percent of the world's population. Nevertheless, those one billion Internet users give us a lot to deal with on their own in terms of social and security issues on the web. more»

New Administration Outlines US Cybersecurity, Advisor to Report Directly to Obama

On his first full day as US President, Barack Obama on Wednesday outlined plans to declare the country's computer infrastructure a national asset that will be protected by a cyber advisor who will report directly to the president. Part of a broader strategy laid out on the newly revamped Whitehouse.gov website for securing US soil against terrorist attacks and other emergencies, the plan is designed to shore up IT networks and chemical and electrical facilities and prevent cyber-espionage. more»

Expect More Malware Threats Exploiting the Financial Crisis, Warn Experts for 2009

Continued exploitation of the financial crisis to scam users with fake financial transactions services, fake investment firms, and fake legal services is the top trend to emerge for 2009 according to threat predictions by McAfee. "Computer users face a dangerous one-two punch today," said Jeff Green, senior vice president of McAfee Avert Labs, McAfee's research group. "The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike." more»

Report on Possibly the Largest Data Breach Ever

Amidst all the recent reports of data breaches, Gunter Ollmann of IBM Internet Security Systems has reported today about one particular case which may be the largest data breach to date. Ollmann writes: "The media has been full of analysis concerning data breaches over the last couple of weeks, mostly related to the uptick in 2008 reports. While much of this increase can be accounted for by the wider adoption of state legislation that mandates companies to publicly disclose their data breaches, I think it is worth pointing out today's latest disclosure -- which is quite probably the largest breach ever." more»

Geoff Huston on Securing the Internet Routing System

Excerpts of a recent interview by Network World's Carolyn Duffy Marsan with Geoff Huston, one of the foremost authorities on Internet routing and scaling issues, have been published on the site. Questions include: "Can you explain in plain English what RPKI is trying to do and how it relates to improving the security of the Internet's routing system?" Huston's response follows... more»

Embedding Malicious IFrames Through Stolen FTP Accounts

The practice of using stolen or data mined – from a botnet's infected population – FTP accounts is nothing new. In March, 2008, a tool originally published in February, 2007, got some publicity once details of stolen FTP accounts belonging to Fortune 500 companies were found in the wild. Interestingly, none of the companies were serving malicious iFrames on their compromised hosts back then. Despite the fact that 2008 was clearly the year of the massive SQL injection attacks... more»

Phishers Using New Web-Based Technique 'In-Session Phishing' to Steal User Data, Researchers Warn

Security researchers have identified a new phishing attack method designed to trick users into surrendering confidential information after they have logged on to an online banking, brokerage, or other sensitive website. The technique, called In Session Phishing, can be used to inject legitimate-looking pop-up messages into all major browsers using malicious JavaScript that requests passwords, account numbers, etc., on behalf of the trusted website. more»

DARPA Announces $30 Million of First Contract Awards for National Cyber Range Program

The Defense Advanced Research Projects Agency announced Jan. 8 a total of some $30 million of first contract awards for its National Cyber Range (NCR) program, a research and development testbed aimed at speeding deployment of new cybersecurity systems and which is a key part of the interagency Comprehensive National Cybersecurity Initiative (CNCI). Launched early in 2008, the CNCI will be managed by the Homeland Security Department and will be the central coordinating office for all of the government's cybersecurity organizations and development efforts... more»

Widespread Vulnerabilities in Programs Using OpenSSL, BIND Security Patch Released

New vulnerabilities have been discovered in multiple programs using OpenSSL, one of the standard cryptography libraries on Linux and Unix systems. Due to a common mistake in checking return values from functions checking digital signatures, several programs may be vulnerable to spoofing of digital signatures. The most important affected program is ISC BIND, which is the most widely used DNS server on the internet. A flaw in its validation of signatures on DNSSEC replies means that the server may be vulnerable to DNS spoofing attacks even where DNSSEC is in use. ISC has released BIND 9.6.0-P1 to fix this bug. more»

Hacker Sentenced to 30 Years in Prison in Turkish Court

A Turkish court has sentenced a hacker to 30 years in prison for his role in the theft of 45 million identities from credit card transactions by nine US retailers including TJX. Ukrainian Maksym Yastremskiy was among 11 people charged by US authorities in August 2008 in connection with the biggest identity theft to date. more»