While 2009 was definitely a good year for CommunityDNS 2010 is shaping up to be even stronger!

2010 promises to be a dynamic year for our community; the community who strives to provide a resilient Internet for all of those who rely on a stable and functioning ‘Net.  Not only do we see DNSSEC playing a more visible role in 2010 we also see a whole new dynamic being introduced to the ‘Net through the introduction of IDNs.  Yes, this will be a big year for us all.  It is up to all of us to do what we can to be responsible in delivering an Internet that people, organisations, countries and economies have come to rely on.

Eight charged in $9.5m payment processor hack

Charged with stealing more than $9 million dollars in 12 hours by hacking into RBS WorldPay, the Atlanta-based bank card processor, 8 men could face over 50 years in prison. In addition to the 50 years in federal prison the four leaders face two additional years and a fine up to $3.5 million dollars for aggravated identity theaft.

The men were from Russia, Moldova and Estonia.

Of the eight four were leaders of the gang while the other four charged with the crime were cashiers.

Click here for more information.

Malware cleans out jailbroken iPhones

Last weekend some iPhones were hacked, their wallpaper replaced with the image of ‘80s pop star Rick Astley. The worm used to create this hack, the “ikee” worm is now being used for more malicious activities.

The ikee worm only signals its presence by modifying a device’s wallpaper. Without changing the wallpaper the worm can continue going about its work unnoticed. The worm can copy a users e-mail, contacts, SMSs, photos, calendars, videos, music files and any data collected by iPhone apps.

Click here for more information.

Confiker Computer Virus Going Strong

The Confiker virus continues going strong with the worm continuing its spread across PCs. As noted by one security provider the worm could be eradicated if everyone used best security practices.

Click here for more information.

iPhone worms other smartphone malware in researchers’ sights

Trying to fit an operating system that can handle multiple features in a very small device, malware prevention software tends to be overlooked. As smartphones grow in popularity worms are already being devised for the smartphones and iPhones.

Through a grant researchers will analyze how malware detection and eradication can be handled within cell network providers.

Click here for more information.

The blog will return the week of the 20th. During the blog’s absence CommunityDNS will be attending the Internet Governance Conference in Egypt.

Security firm chokes sprawling spam botnet

The efforts of a research firm took down a botnet responsible for 33% of the world’s spam.

The attack was multipronged. First the security firm reported abuses to ISPs regarding certain IP addresses. Secondly, the firm worked with registrars to deactivate registered names. Third, the firm registered backup domains that were not used, and fourth, the botnet was able to generate random domains based on a specific algorithm. The firm understood the algorithm and registered names possibly generated by this algorithm.

The effect was a botnet that had no where to turn. Now the individual bots have been orphaned and the security firm is working with the ISPs to notify the computer owners whose computers were once members of the botnet.

Click here for more information.

MassMutual Warns of Data Breach

Employee and customer data for MassMutual could have been compromised. Data handled by a third party provider was breached.

Click here for more information.

Majority of Web Apps Have Severe Vulnerabilities

A recent report indicates that close to 9 out of 10 web applications could lead to information exposure due to flaws as 87% of the Web applications analyzed had serious vulnerabilities.

60% of Internet-based attacks targeted Web applications. 90% of web vulnerabilities rested with commercial Web applications while 8% rested with browser-run applications.

25% of the attacks were SQL Injection-based with 17% of the attacks being attributed to Cross Site Scripting

Click here for more information.

No Rush to Adopt Domain Names Written in Chinese in China

While ICANN has opened the gates for IDNs to begin in certain countries, China being one of them, it appears there is no great rush to acquire the Chinese equivalent of the currently used Latin character set.

In many cases Chinese organizations have reduced the number of characters to make it easier for Chinese to type in the URL. For example “Tenchnt” is known as “qq.com” for its users. Another company has used “163.com” as the URL for its brand name as companies often associate numbers with their brands.

In one case where someone has already grabbed the Chinese equivalent to one company’s name, the head of the company would like to purchase the name, but feels having it owned by another party would not create any harm to their existing brand.

While the Chinese character sets will aid Internet usage for the older population, the majority of China’s Internet population is already used to the current method of using the Internet.

Click here for more information.

Google’s “AppEngine” application was used by cybercriminals to act as the master control channel, feeding commands to large networks of infected computers.

Also, it was found that the Koobface botnet was using Google Reader to spam malicious links to social networking sites; one of which being Facebook.

Click here for more information.

Gumblar Botnet Resurges

Known as one of the largest botnets that grew dramatically this year, Gumblar has reappeared.

Gumblar works in two ways. The first is to load malware onto sites. When users visit the sites malware is downloaded onto their computers. The second way Gumblar works is to populate websites with I-frames pointing to websites containing the malware.

Click here for more information.

New Spamming Botnet On The Rise

Currently sending 2.5 billion spam messages globally a new Botnet, known as “Festi” has quickly jumped to the rank of 5% to 6% of all spam generated. The jump means more bots (or compromised computers) were added into its botnet with 60% located in Asia, 18% in Europe and 9% in North America.

Click here for more information.

Practical Analysis: The Fastest-Growing Security Threat

Having grown from a few thousand a day a year ago to more than 500,000 a day SQL Injection is the fastest-growing security threat. Through the use of automated tools cybercriminals are searching for which sites are vulnerable to SQL injection. Such attacks allow hackers to break into networks that can lead to the breach of sensitive data.

Click here for more information.

UK to push for law to retain all communications data

Citing the EU Data Retention Directive does not go far enough and to prevent serious crime and terrorism the British government is pushing for its ISPs to capture and hold data regarding instant messages, e-mail and other electronic communications. The data retained would also include data from third-party services. The data is to be retained by the respective ISPs and not in a centralized database.

Click here for more information.

Little-Known Hole Lets Attacker Hit Main Website Domain Vie Its Subdomains

Because of how browsers handle cookies hackers have the ability to attack a domain through a respective domain’s subdomain.

DNS maintains records on the main domain name. Organizations have control over this domain. However, a subdomain does not have authority to change to the top domain.

Click here for more information.

Broadband Goals Proposed in Minnesota

A Minnesotan task force looking to improve the state’s standing in broadband access from 24th to the top 5 has unveiled a plan that could be a model for a nationwide broadband plan.

The move from 24th to within the top 5 states could move the state to national and global leadership in economic growth and increased quality-of-life opportunities.

Studies illustrate that for every $1 spent towards broadband expansion yields at least $10 in economic growth.

Click here for more information.

Spain won’t disconnect illegal file sharers

Despite supporting the 3-Strikes laws of the UK and France, Spain chooses not to consider punitive measures for Internet users.

Click here for more information.

Mossad hacked Syrian laptop to steal nuke plant secrets

In a clear example of cyber intelligence espionage Israeli intelligence used cyber tactics of planting a Trojan onto a Syrian official’s laptop while the official stayed in a London hotel. Designed to bypass security defenses the Trojan obtained information, plans and pictures of a partially constructed nuclear facility.

Click here for more information.

Vendors Scrambling to Fix Bug in Net’s Security

SSL (Secure Sockets Layer) is widely known as the indicator that, when invoked, ensures users their session is encrypted and the contents being transmitted is secure. The security protocol is used highly in e-commerce applications.

Recent discoveries have pointed out the vulnerabilities associated with SSL and that it is not as secure as one may think.

While there have been bugs that have dealt with the management of the SSL’s digital certificates, this flaw is with the protocol itself.

Subject to the vulnerability are shared hosting environments, databases, mail servers, and other secure applications. Fixes will need to be applied to Web browsers, Web load balancers, Web servers, mail servers, ODBC drivers, SQL servers and peer-to-peer protocols.

Click here for more information.

Cybercriminals down five British police forces in a year

With nearly all of police daily operations depending on IT systems, five British police forces have been impacted by cybercriminals. The Internet attacks of the respective police forces caused outages lasting three or more days. It is unclear if any date was lifted through the five different breaches.

Click here for more information.

Swedish spooks knocked offline by hack attack

Thought to be an attack due to Sweden’s new law allowing the country’s intelligence agency, FRA, to monitor all Internet traffic coming through the country. The outage began Monday night, lasting until Thursday morning.

An apparently separate denial-of-service attack was aimed at police and media outlets.

Click here for more information.

EU offers hope to file-sharers

In an amendment applied to a larger telecoms bill verbiage regarding action against illegal file-sharers was watered down. Fearing that basically declaring the internet as a fundamental right for its citizens would conflict with how to go after illegal file-sharers, the Commission watered down the language giving ultimate responsibility to the member states on policing illegal content downloaders.

Click here for more information.

Internet names ending with the .TM suffix are a valuable asset to Fortune 100, Fortune 500 and Fortune 1,000 companies who are serious about their corporate image. Around 40,000 companies are already registered and many Trademark holders already use the .TM Internet extension in preference to .COM.  Now the .TM Domain Registry is using the latest technology designed to protect .TM users and their customers.

Cyber crime is increasing at a feverish pace especially  “Phishing”, where cyber-criminals lead consumers to counterfeit websites under the guise of legitimate businesses and brands, therefore stealing business.  In June, 2009 alone, 21,085 unique “phishing scams” occurred where a domain name was used to attack specific brands.

Corporations now seek new means of protecting their brand and their customers from fraudulent operations on the Internet.  The cost to businesses through lost revenue and time spent legally to neutralise fake websites is vast and can now be avoided by using a .TM name.

.TM domains are already operating on a state-of-the-art, global infrastructure designed for secure operations, “Technology can never stand still, and Registries and Companies will always need to keep one step ahead of the cyber criminals, we welcome this initiative by .TM Domain Registry” states Paul Kane, Chair of the DNS Infrastructure Resilience Task Force.

Consequently the .TM Domain Registry has introduced DNSSEC which is short for “DNS SECurity” which provides a “chain of authentication” between the domain owner and their clients.

.TM continues its aim for a secure and resilient Internet by signing the registry with DNSSEC and implementing a “first-of-its-kind” method in providing service for its customers and preventing the phishing activity plaguing legitimate corporate brands.

For technologists:

Maintaining the technological leading edge, .TM is the first registry to allow customers the ability to update their DS (Delegation Signer) records in real-time.  With changes taking effect within seconds, .TM name holders can fix compromised domain names instantly by providing a new customer encrypted fingerprint to the registry, minimizing exposure and compromised downtime.  .TM Domain Registry gives companies the tools to shield their customer from malicious attack and corporate-espionage while at the same time protecting their brand and corporate image.

For a list of Registrars selling .TM names please visit:

http://www.nic.tm/registrars.html located in Australia, China, Cyprus, Denmark, France, Germany Italy, Japan, Singapore, Taiwan, UK, USA.

For those serious about their corporate image, security and their trademarked, branded names, their names are secure with .TM.

.TM Registry – Building trust online!

Contact:

Chuck Kisselburg

Office: +1 (503) 928-7967

www.nic.tm

.TM Names Are Now One of the Most Secure on the Internet

Catering to trademarked and brand-conscience corporations serious about their corporate image the .TM Domain Registry has signed with DNSSEC, providing its users with enhanced security against phishing and the malicious community. As a first-of-its-kind for DNSSEC, .TM domain owners can update their DS records in real time.

Click here for more information.

Facebook Phishing Attack Powered by Zeus Botnet, Researchers Say

Asking Facebook users to click on the e-mail provided link to receive their updated password, phishers are using this method as another way to trick users in revealing their usernames and passwords.

Sending the phishing messages at 30,000 per minute as shown researchers the messages are coming from the Zeus botnet.

Click here for more information.

Internet phone systems become the fraudster’s tool

A new angle from cybercriminals include obtaining banking credentials by placing calls FROM the bank. Hackers are breaking into the phone systems of smaller banks because:

• Smaller banks can’t afford the security resources of larger banks.

• People like to bank with smaller local banks.

Hackers will break into phone systems and place calls to customers from the bank’s phone system. Using a prerecorded message regarding suspicious account activity bank customers are asked to respond by inputting their account number and ATM password.

This form of hacking is becoming easier because many of the phone systems are now Internet-based using VoIP.

Click here for more information.

U.K. Proposes To Cut-Off Pirates Internet Connections

The UK looks to curb illegal downloads by disconnecting violators from the internet. Violators would first receive a letter, followed by Internet slowdowns if they persist. If continued violators would face disconnection from the Internet. At this point Britain is looking at France’s 3-Strikes law in that disconnection would occur for a year.

Not mentioned was France’s use of a violator going before a judge to have their day in court before Internet connectivity has been disconnected. ISPs are not in favor of the UK’s move fearing they would have to become the police of the network.

Click here for more information.

Symantec reveals lack of confidence in online retailers

A recent study shows those in the UK have a higher trust in banks protecting their information than other organizations specializing in online retail. The same holds true with Germany in that, while not as confident as the Brits, Germans are more inclined to trust banks with their personal information than they are online-retailers.

Click here for more information.

Net set for ‘language shake-up’

Since 2008 ICANN approved the allowance of names written in non-Latin/ASCII character sets. If approved by the body on October 30 the first applications for Internationalized Domain Names (IDNs) will be accepted by November 16. The first IDNs could therefore be up and running by mid 2010.

Click here for more information.

Mobile Broadband Operators Heading for Capacity Crisis

A recent study states that Internet traffic via mobile Internet devices will rise 25 times by 2012, yet for the same time period revenue for operators is expected to increase by a factor of 2. This illustrates that the cost for providing mobile broadband capacity is still high.

Comment: This illustrates the strong arguments providers are making towards the US’ FCC regarding Net neutrality. Providers are saying Net neutrality is OK for traditional ISP networks, but argue strongly against Net neutrality rules being levied upon wireless networks.

Click here for more information.

Developing countries must boost broadband: UN

Lack of broadband infrastructure means developing countries are missing out on information technology benefits. Missing, or limited broadband infrastructure means loss of the development of offshore companies that may be used to help with the respective country’s economy.

Also lost are advantages people may have with the use of mobile phones. With lower access to broadband people are working to take advantage of what applications can be accessed via cell phones as in Africa the number of mobile subscribers outpaces fixed line subscribers by a factor of 20.

In developed countries people are 200% times more likely to have broadband access than in lesser developed countries. Also, in lesser develop countries broadband can be very expensive. For example, in Africa’s Burkina Faso, Central African Republic and Swaziland, broadband runs $1,300 per month while the monthly charge in Egypt and Tunisia is only $13.

The report came from the UN conference on Trade and Development.

Click here for more information.

Scan of Internet Uncovers Thousands of Vulnerable Embedded Devices

Researchers have been studying the vulnerability of Internet accessible devices where default passwords have not been changed and are still in place.

Out of 130,000,000 IP addresses scanned, nearly 300,000 devices had administrative interfaces that could be remotely accessed via the Internet. Of those 300,000 devices 21,000 still used default passwords. Even if default passwords had been changed cyber criminals could still determine passwords through brute force of cracking passwords. With that said, through extrapolation it is believed that 6,000,000 devices on the Internet are vulnerable.

Cybercriminals could access such devices to conduct click fraud, DNS cache poisoning or launch attacks on other systems.

Click here for more information.

500,000 job hunter details exposed in Guardian hack

Hackers launched an attack on The Guardian’s Jobs website and made off with information from 500,000 people who had posted their resumes on the organization’s jobs website. The hack was stopped midway through, but what was exposed on the various resumes or CVs were names, email addresses, cover letters and the resumes themselves.

Click here for more information.

Gift Cards Convenient And Easy To Hack

As with credit and debit cards, gift cards are a form of currency and are thus subject to cybercrime, as noted in recent research.

Cybercriminals can “sniff” the information through a scanner directly in the checkout line and then cloned and used against the retailer’s hacked web-based gift card application.

Cybercriminals can also clone unused gift cards. This occurs by cybercriminals taking unactivated cards, cloning the cards and placing the cards back on the rack for display. Once the card is purchased and activated the cybercriminal has access to the account.

The SQL injection flaw is also another method cybercriminals may use to hack web-based gift card applications to obtain information.

Recommendation is to begin utilizing same encryption standards being studied for the credit and debit card providers and processors.

Click here for more information.

Still No Internet Or SMS Allowed In China’s Muslim Region

Four months after ethnic riots killed 200 people in China’s Muslim region, access to the Internet remains blocked. Important anniversaries were the reason for the continued block, however the last of the important anniversaries is over.

Some companies have had to relocate employees outside the region so they could continue their business of selling products online.

While one marketing manager believes the Internet should come back in about a month, the Chinese government has given little sign as to when restrictions will be lifted, however will do so gradually as the province stabilizes.

Click here for more information.

Zurich Insurance admits big data loss

Personal account details were lost on more than 500,000 customers last year, admits Zurich Insurance. Those, whose information was compromised, were 51,000 people from the UK, 550,000 from South Africa and 40,000 from Botswana.

In August, 2008, the data was backed up on tape and sent to the organization’s South African storage center when the tape was lost.

Click here for more information.

Operation Eagle Claw nets 18 Nigerian spammers

Determined to remove the country from the list of countries producing the most fraudulent e-mails, Nigeria’s Economic and Financial Crimes Commission. “Eagle Claw”, the operation dedicated for cleaning up Nigeria’s cyber image, should be 100% operational within 6 months. To date, however, the operation has identified and shut down 800 fraudulent web sites/e-mail addresses as well as arrested members from 18 syndicates identified with e-mail scams. When running at full operation, and working closely with Microsoft, Eagle Claw should take down fraudulent e-mails at a rate of 5,000 per month.

Click here for more information.

Fed’s Security Spending On A Roll: Over 8 Percent Growth Over Next Five Years

With a 300% increase in attacks on US federal networks and systems over the last 5 years, tightening federal security regulations and President Obama’s emphasis on security, the budget for IT security spending will jump from $7.9 “m”illion to $11.7 “b”illion in 2014.

Click here for more information.

Botnet click fraud at record high

Cyber criminals, wishing to profit from click fraud, are turning to botnets to generate the fraudulent clicks. In the 3rd quarter of 2009 42.6% of fraudulent clicks were generated by computer bots.

The increase in botnet use comes at a time when the overall amount of click fraud has dropped; from 16% in Q3 of 2008 to 14.1% last quarter. This signifies the manual form of click fraud has decreased by even a larger margin, thus pointing to the fact that botnets are playing the larger roll in click fraud.

The two most known botnets, Gumblar and Bahama Botnet, place malware on infected computers that will result in PCs returning altered Google results. In other words, if users click on an ad they are, instead, redirected to a site with little to know content. The revenue generated by clicking on the ad is therefore sent to the owner of the fraudulent site instead of the legitimate presenter of the ad.

Click here for more information.

FCC Approves Net Neutrality Rule Making

In a unanimous vote the five-member, bi-partisan commission, voted in favor of the rule-making process. This does not mean they agree on the “how” and “to what degree” the Internet should be “open and free” versus “regulated”.

This “rule-making” process opens the door for the formal acceptance of comments on Net neutrality. The comment period will close January 14, with March 14 being the date on which reply comments can be accepted.

One of the republicans that make up the five-member commission disagrees that the FCC has the legal authority to regulate network management of the Internet as proposed.

Click here for more information.