Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Botnet traffic bounds back 90% within 48 hours of ISP shutdown

Cutwail is one of the largest botnets running today, producing 15% – 20% of all spam, including malicious sites, phishing sites and fake antivirus sites. With most of its operations running from Latvian ISP, Real Host, the ISP was shut down by upstream providers. During a 48 hour time period spam dropped by 38% and cutwail’s botnet activity dropped by 90%. After the 48 hour period, cutwail’s activity was at nearly the pre ISP-shutdown levels. After the November 2008 shutdown of McColo Web Hosting it took several weeks for botnet activity to reach its previous levels of activity.

Click here for more information.

Message from Hackers: Enjoy The Summer Break Because Winter Attacks Will Be Harsh

According to a poll taken at last month’s Defcon17 less than 25% of hackers are malicious. Of those 81% are more active during the winter months with 56% saying Christmas is the optimal time and 25% saying New Years Eve is the most optimal day for hacking. 52% say weekday nights are when most of their hacking is done. Over 30% hack during business hours while only 15% hack on the weekends.

Click here for more information.

MS phishing filter blacklists everything

All sites ending with “.uk.com” have been blocked by Microsoft’s SmartScreen Filter. The filter is built into IE7 and IE8. It is unclear why such blockage occurred other than human error. This points to the scenario that filtering, no matter how good is not an exact science.

Click here for more information.

PCI Council Releases Recommendations For Preventing Card-Skimming Attacks

Credit card skimming is becoming the a popular way for credit and debit card account numbers to be stolen by cybercriminals. Devices are rigged to obtain the data, whether the rigging occurs after installation or before the device leaves the manufacturer. If credit cards were cryptographic devices, the threat would disappear.

Click here for more information.

China Forecasts Spread of Chinese Domain Names

CNNIC, the official registry for China’s ccTLD, .CN, announced that it is moving ahead with the deployment of .CN using both simplified and complex Chinese characters. Government organizations are already moving forward with the acquisition of the localized TLDs. Some are already in use within China, however most advertising within China utilizes the traditional Latin/ASCII character set for their URLs. People and organizations who already have a .CN name will automatically receive the localized version in both simplified and complex Chinese. Not only will this prevent legal issues over name ownership, it will also prevent phishing using such names because one who owns a simplified Chinese version does not need to worry about a phisher using the same name with the complex Chinese version. At ICANN’s October conference China hopes to push ICANN to an agreement on IDNs so the simplified and complex versions of Chinese second and top level domains can migrate to DNS.

As of the end of June China had more than 338 million Internet users; the largest of any country.

Click here for more information.

Obama’s FCC to enforce ‘net neutrality’

FCC chairman, Genachowski said that net neutrality will be supported and attempts to violate its tenets will be sought. It is the intent of the Obama administration to ensure the Internet is free of increased user fees due to heavy traffic and slow downloads. To assist in this endeavor a member of Congress has introduced a bill aimed at enforcing net neutrality legislation that guards against discriminatory practices by network operators. This is going on at the time Comcast is in a legal battle with the FCC whereby Comcast is challenging the FCC’s authority for penalizing Comcast for limiting web traffic to its consumers.

Click here for more information.

Dutch ISP builds dike around ‘Net, throttle non-HTTP traffic

Even as ISPs in countries such as Canada and throughout Europe throttle specific protocols at certain times of the day, a Dutch ISP is making their throttling efforts easy to understand. ALL non-HTTP traffic will be throttled back to 1/3rd the bandwidth speed, every day from noon to midnight. The thinking is websites are fine, however VoIP, P2P and FTP shall have second priority as the Web is not and shall not become a rich media delivery service.

Click here for more information.

Notorious hacker Analyzer pleads guilty on credit card scam

Known for breaking into NASA’s systems Ehud Tenenbaum, known as “Analyzer”, has pleaded guilty to US authorities for credit card fraud that cost US banks as much as $10 million.

What would normally carry a 25 year prison sentence will most likely be reduced due to his cooperation with authorities.

Click here for more information.