Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.
US relaxes grip on the internet
Today marks the end of the Joint Project Agreement (JPA) between ICANN and the US Government. The JPA was designed for the US government to review the work of ICANN.
The JPA is being replaced by the Affirmation of Commitments; a document turning the review process to the global Internet community. Instead of producing and submitting reports to the US government for review ICANN will now be submitting reports to the international community for review and input.
The US will have a permanent seat on the accountability panel; one of three groups designed specifically for overseeing ICANN’s work. The US will also have a seat, along with close to 100 other countries, on the GAC (Governmental Advisory Committee). ICANN is still under contract with the US Government to run the Internet Assigned Numbers Authority (IANA), a contract set to expire in 2011. IANA oversees the Internet’s addressing system.
Click here for more information.
Banking Trojan steals money from under your nose
The URLZone Trojan has landed on German Windows-based computers. Exploiting holes in Firefox, IE6, IE7, IE8 and Opera, the Trojan, when a user logs into their bank for financial transactions, will log the users credentials, transfer funds from the user’s account to another account while at the same time displaying a false balance to the user. Subsequent logins by the user will continue to show false amounts. The only way for the user to discover the imbalance is if the user logs into an account from a different computer, uses the ATM or is notified of insufficient funds.
Click here for more information.
Dutch ISPs Sign Anti-Botnet Treaty
14 of the Netherland’s ISPs, covering 98% of the country’s Net users, banded together to fight botnets. While working with end users to clean up infected machines is a money looser for ISPs, having to continually deal with DoS and DDoS attacks is also a large waste of resources and money. Such a move also aids in the resilience of the Netherlands’ Internet structure as the more computers that can be controlled from outside of the Netherlands’ boarders lessens the chance that such compromised systems can launch an attack on the Netherlands from within its own borders.
The ISPs will:
- Exchange relevant information among the cooperating ISPs
- Quarantine infected computers
- Notify end users of possible infection
Last month News Bits reported a similar initiative by Australia’s ISPs through the country’s Internet Industry Association (IIA).
Click here for more information.
Researchers unmask two faces of zombie networks
Responsible for 87.9% of all junk e-mails, botnets are the root of such nuisance
Cutwail, once responsible for 45.8% of all spam essentially collapsed with the take-down of California-based ISP 3FN. Filling in for Cutwail are Grum, responsible for 23.2%, and
Bobax, responsible for 15.7% of spam. The new botnet on the block regarding spam is Maazben, account for 1.4% of spam messages in September. Maazben has grown since the month before the botnet produced 0.5% of spam.
Rustock is the only botnet, accounting for 1.3 to 1.9 million bots, that spews spam on a regular cycle.
The other side of the botnet world deals with what was reported in News Bits earlier this month; the development of small, boutique botnets designed to extract information from within enterprise networks.
Click here for more information.
Confiker Showdown: No End In Sight
With a botnet size of 5.5 to 6 million computers Confiker seems far from going away. The three variants of Confiker, A, B and C continue their infection rate despite the efforts from organizations to develop tools designed to eradicate the Trojan. While the size of Confiker C continues to decline Confiker’s earlier versions, A and B continue to form a massive botnet of around 5.5 million computers.
Countries most impacted by Confiker are Brazil, China, Vietnam, Russia, Indonesia, India, the Philippines, Thailand, South Korea and the Ukraine.
Click here for more information.
Singapore to Form National Cyber-Security Agency
The Singapore Infocomm Technology Security Authority (SITSA) is a new government-sponsored agency designed to deal with threats to national security. Such threats include external threats such as cyber-terrorism and cyber-espionage. SITSA will reside under the Internal Security Department of Singapore’s Ministry of Home Affairs.
Click here for more information.
Filed under: Anycast, Australia, Banking, Bobax, Bot, Botnet, Brazil, China, Community DNS, CommunityDNS, Conficker, Cutwail, Cybercrime, Cybersecurity, DDoS, DNS, DNS Resolution, Denial of Service Attacks, Department of Commerce, Distributed Denial of Services, DoS, Firefox, Global resolution, Grum, IANA, ICANN, ISP, India, Indonesia, JPA, Maazben, Netherlands, Philippines, Phishing, Resolution Service, Russia, Rustock, SITSA, Security, Singapore, Singapore Infocomm Technology Security Agency, Spam, Thailand, Trojan, US Government, Ukraine, Vietnam, malware | Leave a Comment
Tags: 3FN, Affirmation of Commitments, Anycast, Australia, Bobax, Bot, Botnet, Brazil, Business Continuity, Business resilience, China, Community DNS, CommunityDNS, Confiker, Cutwail, Cyber crime, Cybercriminals, DNS, DNS Resolution, Global resolution, Grum, IANA, ICANN, IIA, India, Indonesia, Internet, Internet Assigned Numbers Authority, Internet Industry Association, ISP, Joint Program Agreement, JPA, Maazben, malware, Netherlands, Philippines, Resolution Service, Russia, Rustock, Security, Singapore, Singapore Infocomm Technology Security Authority, SITSA, South Korea, Thailand, Trojan, Ukraine, URLZone, Vietnam
