ISP
ISP
An Internet service provider (ISP, also called Internet access provider) is a business or organization that offers users access to the Internet and related services. Many but not all ISPs are telephone companies. They provide services such as Internet transit, domain name registration and hosting, dial-up or DSL access, leased line access and colocation.
Internet hosting services run servers, provide managed hosting, and include the Internet connection.
Definitions provided by Wikipedia - The Free Encyclopedia
ISP Related Products
LinkProof is a multi-WAN switch that lets you maximize the effectiveness of your WAN by bypassing bottlenecks and service-provider outages, managing bandwidth consumption, and letting you decide which links are used for which applications and when. It's the only on demand solution that fits your current and future WAN link load balancing needs and lets you effortlessly add, manage and load-balance multiple ISP connections while you mix-and-match VPNs, private and public links for back-up or in response to growing bandwidth needs.
More information
ISP Related Industry News
BT says: Protect your network from professional hackers It's not just the warchalkers you need to worry about... BT Openworld has this week thrown its weight behind the fight against 'Warchalking' - the practice of scrawling chalk marks on the outside of buildings with Wi-Fi networks to encourage passers by to surf on companies' unprotected bandwidth.
However, the UK ISP has warned that it's not just bandwidth pirates you need to worry about. Warchalkers have also drawn attention to the very......
[more] Worms Hit Home It's early in 2004 and Microsoft is sick with nearly 65,000 viruses, it's crawling with worms, and there are enough packaged trojans sitting around to wreak havoc on almost any virile computer. It would be nice for security professionals to afford a week off from the world of viruses, worms, trojans, and backdoors to enjoy a long overdue vacation, but we all know the malevolent attempts of the next major outbreak are just around the corner. The fact that each of us can only contr......
[more] UK police seek web porn crackdown UK police are contacting other forces worldwide in an attempt to close down websites with sexually violent content The move follows the murder of Brighton teacher Jane Longhurst by a man addicted to web porn.
Graham Coutts, 35, from Hove, had downloaded hundreds of images of asphyxia and necrophilia before he strangled Ms Longhurst last March.
Detectives have invited foreign law enforcement agencies to discuss ways of clearing the internet of such materi......
[more] Extortionists attack Paddypower.com Irish on-line betting site Paddypower.com is the latest high-profile Web property to suffer a denial of service attack from malicious users bent on extortion The company confirmed that its Web site was temporarily off line for a number of hours on Wednesday evening (Feb 4) as a result of interference from a distributed denial of service (DDoS) attack.
According to Paddy Power, the problem was experienced by several other on-line bookmakers and represented......
[more] IT professionals to discuss cyber security The US Department of Defense has invited world’s internet experts and networking professionals to discuss cyber security and also asked a leading internet service provider of Pakistan to define the state of cyber security in the country. Some 18 cyber security specialists from different countries would be participating in the two-day meeting scheduled on February 18-19 in Baltimore, Maryland.
"We have been formally invited by the US Department of Def......
[more] US spammer fined £75k for porn sting A US company has been fined £75,000 for spamming punters with porn emails that led to users racking up whopping phone bills.
The spam sent by New York-based BW Telecom contained peak-rate dialler software which disconnected users from their ISP before reconnecting them to a service that charged them £1.50 a minute for Net access.
UK premium-rate services regulator ICSTIS found that the email containing the Ts&Cs and dialler software was confusing.......
[more] Blaster Type Virus Attack Called 'Imminent' Malicious code to exploit a component of the Microsoft Windows ASN.1 vulnerability is circulating, prompting security experts to issue a chilling warning: a Blaster-type virus attack is imminent.
The exploit code, specifically created to target a buffer overflow flaw in Microsoft's implementation of the Abstract Syntax Notation 1 (ASN.1) data standard could cause immediate denial-of-service attacks against unpatched systems.
"A virus attack will......
[more] AOL, EarthLink File Lawsuits Against Spammers Two of the nation's largest Internet service providers (ISPs) filed civil actions against bulk e-mailers Thursday to combat the continuing spam flooding ISP servers.
Dulles, Va.-based America Online (AOL) filed a $1.6 million civil law suit in Florida, claiming that a software firm conspired with international spammers based in Thailand to deliver more than 35 million spam messages to AOL subscribers.
In a separate action, Atlanta-based Eart......
[more] Overeager Spam Filters Cause Headaches ISPs struggle to get off AOL's blacklist when spam-blocking methods turn heavy-handed. Major ISPs are struggling to protect their customers from a growing wave of spam, but overzealous blocking can be a nuisance too, as several small ISPs have found.
Technicians for TDS Telecom, a Midwestern ISP, scrambled last week when America Online began blasting back all e-mail to AOL subscribers from TDS's 100,000 subscribers. The problem continued for days, exaspe......
[more] UUNet tops spammer-hosting super league UUNet hosts more spammers than any other ISP. It has 151 listings on the Spammers Block List (SBL), including 34 known spam gangs with ROKSO records, according to the anti-spam organisation Spamhaus' records for February 2004. The second worst offender, Chinanet-QD, has 82 entries on the SBL. It hosts Alan Ralsky, listed as the single worst spammer on the ROKSO list.
Banning unsolicited commercial email is a simple matter, Spamhaus says. it has example......
[more] Worms nibble away at ISP profits Worms are proving to be both a financial and managerial headache for Internet service providers. Dealing with worms that travel over their networks could cost North American ISPs as much as $245 million in 2004, according to a study released Wednesday by peer-to-peer management company Sandvine. For service providers worldwide, the overall expense could reach $370 million. The totals include the cost of tactical response teams, swamped customer support resources,......
[more] Earthlink to test sender authentication ISP (Internet service provider) Earthlink Inc. will soon begin testing new e-mail security technology, including Microsoft Corp.'s recently released Caller ID technology, a company executive said.
Earthlink will be experimenting "very soon," with "sender authentication" technology including Caller ID and a similar plan called Sender Policy Framework (SPF). The Atlanta-based ISP will be evaluating other e-mail security proposals as well, but is not bac......
[more] First Can Spam Suit Filed A California ISP filed suit Friday in the first action under the recently enacted federal Can Spam Act, naming BobVila.com as the defendant. San Francisco attorney John Fallat filed a lawsuit in U.S. District Court for the Northern District of California on behalf of Foster City-based Internet Service Provider Hypertouch. It alleges Sacramento-based BlueStream Media and Boston-based BVWebTies, owner of BobVila.com, violated the federal Can Spam Act by sending Hypertouch......
[more] Major ISPs to Stand Firm on Anti-Spam Fight Looking to show a unified front against spam, the nation's top e-mail and Internet service providers -- America Online, EarthLink, Microsoft, and Yahoo! -- are expected to outline their efforts in stopping unwanted e-mail at its source.
Representatives from the coalition are scheduled to appear at a press conference Wednesday morning in Washington D.C. to talk about their collaborative efforts. The coalition is based on an anti-spam industry allia......
[more] Zombie PCs must die! Comcast, the US cable giant, is threatening to disconnect customers whose infected PC are being used to relay spam messages.
Up to 30 per cent of spam is now spewing from hijacked "zombie" PCs. Spammers use Trojan horses and worms to take over PCs and use them as spam engines, a practice that can severely disrupt the operation of ISPs.
Recently, many Comcast customer IP addresses were recently blacklisted because of this spam-spewing zombies. The cableco has sent le......
[more] I Was Addicted to Spam How did I end up spending more time training my e-mail filter than I ever did hitting Delete? If you've had to deal much with software developers, chances are you've formed the impression that they come from another planet. (If, by chance, you are a software developer, you may well feel the same about end users.) I came to realize this when I got involved with the beta test of a new spam-blocking service introduced by my ISP.
Here at work, hidden behind multiple fire......
[more] ISP Gets Tough With 'Zombie' Customers Broadband provider Comcast is taking a tough new approach to targeting "spam zombies" -- those virus-infected, unwitting spam-sending computers among its broadband base.
The ISP is telling customers to get virus-scanning and firewall software loaded or risk losing their high-speed connection until the problem of virus infections on their computer is fixed.
In recent weeks, the cable broadband giant has been alerting surprised customers to the probl......
[more] UK.biz leaves door open to hackers One in three of UK corporates has suffered hacking attempts on their websites over the last year, according to a survey out today. The report revealed hackers are becoming more successful at punching holes through flimsy corporate defences.
Four per cent (or 40) of the 1,000 companies surveyed admitted their systems had been penetrated over the last 12 months, the Department of Trade and Industry's 2004 Information Security Breaches Survey reveals. This pe......
[more] TM domain leads anti-spam charge The registry running the top-level .tm domains is leading the charge against spam by adding the SPF protocol into all its domains' DNS records.
While a large number of ISPs, big online names, anti-spam companies and a few domain registrars have added SPF and so helped verify that an email message comes from the address it says it does, TM Domain Registry’s general manager Paul Kane tells us this is the first time an actual registry has included the protocol.......
[more] Sober and Bagle Make a Dangerous Return This past Friday also brought a new Bagle variation (what else is new?). W32/Bagle.U-mm brings up the Window's Hearts card game when it infects. Bagle.U comes with blank message body, and a randomly named .EXE attachment. Like other Bagles, it opens a back door, and attempts to contact various web servers. It has been rated a medium to high threat by antivirus vendors. See our Top Threat W32/Bagle.U for more information.
A new version of the Sober vir......
[more] The Red, White and Blue of Spam Despite increased legislation and hyper vigilance by IT companies, one industry report says spam has not been canned and the "phishing" industry is now booming.
But to put the blame on Russian hackers or Nigerian royalty would be a false notion.
The report issued by Commtouch Thursday is an analysis of e-mail activity for the month of March. The findings: three months after the CAN-SPAM law was enacted, it's seen no slow-down in spam volume. In fact, the......
[more] 'Buffalo Spammer' Convicted Carmack, who lost civil case to EarthLink last spring, faces jail under new identity-theft law. A man accused of using EarthLink e-mail accounts to release a flood of spam has been convicted on charges of identity theft and falsifying business records, according to the New York State Attorney General.
Howard Carmack of Buffalo, New York, also known as the "Buffalo Spammer," has been found guilty by a jury in Erie County, New York, on 14 counts. The conviction inc......
[more] Malaysian premier ISP under quarantine for spam Several Malaysian e-mail users have complained that some of their e-mail messages sent via TM Net have bounced back, due to the Internet service provider (ISP) being "blacklisted" by global antispam groups.
Spamhaus Project, a Europe-based non-profit group that keeps tabs on spammers and their operations worldwide, has blacklisted a range of IP addresses under TM Net's responsibility due to the higher incidence of spam coming from its network.......
[more] Half of all email is now spam According to a recent Yankee Group report titled E-Mail Security Solutions Providers Seek to Stop Spam and Viruses at the Perimeter, half of all e-mail sent today is spam.
The report also claims that the challenge of filtering unwanted messages at the edge of U.S. businesses has created a $140 million market.
It's no secret that spam is a huge problem that the industry and governments are still trying to solve.
"Legislation alone is not sufficient; we a......
[more] Cash Cow or Spam Sow? A marketing firm that offers people cash in exchange for letting their computers be commandeered to distribute bulk e-mails has come under fire from antispam activists, who say the program is just a cover for a high-tech spamming operation.
The program, operated by Sendmails Corp., offers members $5 for downloading and installing the company's VirtualMDA (mail delivery agent) software. The New Hampshire company promises to pay an additional $1 for every hour of computi......
[more] Spamhaus breaches great firewall of China Monitoring project works with Chinese authorities to crack down on spammers Anti-spam organisation Spamhaus is taking its crusade to China following an invitation from the Chinese government.
After the US, more spam is sent from China than any other country, and Spamhaus hopes to persuade the Chinese authorities to implement effective anti-spam legislation and technologies.
A team of Chinese volunteers will monitor spammers and report back to the UK......
[more] Can eMstamps Stop Spam? A small Massachusetts software company wants to stop spammers by making sure they feel some pain in their pocketbooks.
The company, eMstamp, has applied for a patent to add an electronic postage system to the existing SMTP e-mail protocol, all in an effort to stop spammers by upping their costs of business.
eMstamp is the brainchild of ImagineNation, a father and son software company based in Swansea, Massachusetts. According to Mel Davey, the father part of the......
[more] Spain hit by spam pain Government ISP blocked by anti-spammers State run ISP Telefonica De Espana (TDE) has been blocked from a large number of US web sites.
TDE is the most prestigious spammer on the Abusive Hosts Blocking List (AHBL), which is used by American ISPs to identify the worst spammers in the world and block them.
According to the AHBL TDE users are flooding the world with thousands of junk advertising emails and dodgy financial scams.
It is rare for a whole ISP to be bloc......
[more] MPs ponder whether 'benign' hacking should be legal With Britain's Computer Misuse Act heading for a revision, some MPs want to explore whether ethical hacking should be allowed Should UK citizens ever should have the right to launch a hack attack against a computer or a network?
A group of tech-savvy MPs are poised to consider this question, as the All-Party Internet Group (APIG) launches an investigation into Britain's cybercrime laws.
APIG has recognised that the Computer Misuse Act (......
[more] Spam slows down ISP Kiwi email at snail mail speed New Zealand's largest ISP Xtra has had its entire systems slowed because of spam.
According to stuff.co.nz, yesterday it took up to 24 hours for Xtra to get an email to its destination because its servers are so clogged with junk.
That is the same length of time it takes New Zealand Post to get a snail mail to an address in the same town.
A spokesperson for Xtra said the problem was temporary and seemed to be caused by a dramatic increa......
[more] China Struggles With Spam Foreign spammers export junk e-mail from Chinese servers, as country fights incoming spam problems of its own. Suresh Ramasubramanian knows about outsourcing. The company he works for, Hong Kong-based Outblaze, has made a business out of running e-mail and Internet services on behalf of other companies. But there is an outsourcing trend he and others are fighting to stop.
As China marks the tenth anniversary of its first full connection to the Internet, the growing......
[more] Spamhaus assaults 'Great Wall of Spam' Anti-spam organisation Spamhaus is opening up operations in China with the launch of a new site, Spamhaus.cn, this week.
For some time China has acted a 'safe-haven' for spammers offering so-called bullet-proof hosting - in reality, unscrupulous ISPs who pull the plug on spammers when enough complaints are received by their upstream provider. According to Spamhaus, China currently has three of the world's most spam-friendly ISPs: PCCW, Chinanet in Chon......
[more] E-mail controls loom in Zimbabwe The Zimbabwean government has proposed obliging its internet service providers to divulge details of e-mails deemed offensive or dangerous. Zispa, the local ISP association, has asked the government to clarify its proposed addendum to providers' franchise contracts.
One ISP told BBC News Online it was not a provider's duty to police the net.
President Robert Mugabe has suggested the internet, widely developed in Zimbabwe, is a tool of colonialists.
T......
[more] Spam Trojans a Growing Problem for ISPs Most Spam Now Originating from Residential Broadband Networks Worms, Spam Trojans to Blame Spam traffic created and routed by spam "trojans" is clogging ISP mail servers, forcing unplanned network upgrades and stoking antagonism between large and small ISPs, according to an analysis by Sandvine Incorporated. Spam trojans are likely responsible for up to 80% of all spam.
What used to be merely a nuisance is becoming a major headache for service provider......
[more] Zombie PCs spew out 80% of spam Four-fifths of spam now emanates from computers contaminated with Trojan horse infections, according to a study by network management firm Sandvine out this week. Trojans and worms with backdoor components such as Migmaf and SoBig have turned infected Windows PCs into drones in vast networks of compromised zombie PCs.
Sandvine reckons junk mails created and routed by "spam Trojans" are clogging ISP mail servers, forcing unplanned network upgrades and stoking......
[more] Bookie reveals $100,000 cost of denial-of-service extortion attacks "Our first attack was in November last year. We got a demand for $50,000 from an unidentified source." These are the words of a UK-based online bookmaker who has agreed to speak to silicon.com, on condition of anonymity, to reveal the full scale of the denial of service extortion threats that betting sites have been battling against for nine months.
The above scenario will be familiar to anyone involved in online betting. S......
[more] ISPs Gang Up on Spammers Even unwitting spammers could lose Internet access under tough proposal. An industry organization representing heavyweight e-mail providers Yahoo, Microsoft, America Online, and EarthLink have teamed on recommendations for ending spam, including cutting off the senders' Internet access.
A Statement of Intent, released Tuesday by the Anti-Spam Technical Alliance (ASTA), lists suggestions and "best practice" recommendations for ISPs, e-mail service providers, governmen......
[more] ISPs look inward to stop spam Many major ISPs recently have come to this realization about the fight against spam: They are both part of the solution and part of the problem.
Every U.S. ISP uses anti-spam techniques to catch unwanted messages coming into their networks before they reach users. Recently, thanks to the urging of industry groups and coordination among providers, ISPs also are taking measures to limit the spam emanating from their networks. While no one is declaring the war......
[more] Should Spam be an ISP Concern? In a study released at its 2004 IT Security Summit, Gartner reports that roughly 34% of online adults in the US say 75% or more of the e-mail they receive is spam. In fact, 11% say they would switch their Internet service provider (ISP) for a different one that was better at stopping spam. Exactly 42% say they would be more likely to switch than not if a different ISP offered a better spam solution.
Gartner surveyed a sample of 1,427 adults over the age of 18 in......
[more] Innocent users told: Pay up or we tell the police about your child porn Criminal gangs turn to blackmailing the average user While criminal gangs are more widely associated with threatening denial of service attacks unless they get a kickback of thousands of pounds, it seems some are taking a more small-scale approach to extortion: now average PC users are being targeted.
Instead of £50,000, the criminals are making demands by email of a mere £50. Unless they're paid off, they threaten to tell......
[more] Think Globally, Block Locally Spam is a global problem: Even though most of it originates in the United States, the bulk of it is sent from overseas on behalf of American spammers. Is law or technology the best way to solve the problem?
That's the question considered by privacy experts at a conference called "International Spam Law & Policies: The Global Case." Most speakers firmly came down against legislation, promoting a mix of private legal action and technology.
The conference, hel......
[more] Top adware threat revealed CoolWebSearch is one of the top adware threats on the web according to a six month survey of computers by an ISP and a privacy protection software company.
More two million scans of computers were carried out by the ISP Earthlink and Webroot Software during January to June. They found more than 54 million instances of spyware.
By far the biggest was CoolWebSearch. This hijacks a user's homepage and directs it to a paying client's web site. If you try to kill it some......
[more] The root of spam could be you The biggest single source of the spam that you receive may be you. Personal computers that have been infected with certain viruses and related types of malicious code are responsible for turning the humble home PC and broadband connection into the leading source of spam on the Internet.
Depending on who you believe, as much as 80% of all the spam sent on the Internet today comes from these compromised PCs - an estimate at the end of 2003 was 30%, indicating how qu......
[more] eBay Germany domain hijack: No prosecution imminent The Internet auction house has no plans at present to take legal action against the 19-year-old who confessed to hijacking its Web site A school pupil who admitted taking ownership of the eBay Germany domain will not face charges immediately as eBay Germany first wants to investigate the incident further, according to ZDNet Germany.
The 19-year-old from Helmstedt, Lower Saxony, confessed last week to requesting a DNS transfer for eBay.de, but......
[more] Worldpay hit with DDoS attack Online transaction service Worldpay appears to be the latest victim of a Distributed Denial of Service attack (DDoS) over the weekend with its website falling off the face of the internet by Monday. Such attacks typically involve bombarding websites or servers with enough traffic as to render them unusable -- typically through a co-ordinated attack by hi-jacked machines as seen with the endgame of the MyDoom virus attack which turned its army of 'zombies' on SCO.......
[more] Spyware levels off over the last three months Spyware is still a menace but the number of these invasive applications has levelled off over the last three months From January through September of this year, 83.4 million instances of spyware - or 26 per PC - were discovered by software maker Webroot and ISP EarthLink
While the amount of spyware doubled from the first to second quarter of 2004, the third-quarter figures remained just about flat, according to Webroot and EarthLink.
Looking at t......
[more] US company fined for UK rogue dialler scam A company based in New York has been fined £100,000 ($185,500) for ripping off UK punters with a premium rate number scam. Some 850 people complained to watchdog ICSTIS that B&B Services LLC had caused them to run up huge phone bills while connected to the internet. People claimed that dialler software installed on their PCs made repeated internet calls without their knowledge or consent.
Although B&B Services, which ran an adult service, den......
[more] Hackers nobble Lycos anti-spam plan Lycos vigilante attack on spammers has been hit by a vigilante attack. Spammers are suspected.
Lycos was offering a screensaver which, once downloaded, would launch a Distributed Denial of Service attack against spam websites. A DDS attack makes constant requests to a specific part of a website until it gets overloaded and falls over. Such attacks are illegal in most countries. Security firm FSecure advised people not to download the program because of legal......
[more] Spam punishment doesn't fit the crime I hate spam as much as the next person, but recent decisions by courts in Iowa and Virginia demonstrate how fear of technology (and justifiable annoyance) can force the legal system to impose fines and sentences that are grossly disproportionate to the harm caused by spammers.
This is not to defend or justify spammers, whose actions are at best deceptive, almost always annoying, generally illegal and frequently criminal. But when people who send email ar......
[more] Has Spam Growth Stabilized? While the amount of unwanted e-mail hasn't decreased, there is some good news. The volume of e-mail made up of spam has stabilized, according to figures from Symantec's Brightmail unit.
December's figures, culled from traffic traveling through its servers, showed that 67 percent of e-mail is now spam, identical to the previous month. That was after three months when spam volumes were stable at 66 percent.
This is still equivalent to tens of millions of messages per......
[more] Spyware plague triples in three months Epidemic of Trojans, keystroke loggers and system monitors The number of infections from Trojans, keystroke loggers and system monitors tripled during the last three months of 2004, a security audit has revealed.
According to the 2004 Spy Audit conducted by ISP Earthlink and online privacy firm Webroot Software, the instances of spyware infections on consumer PCs rose 230 per cent, while the instances of Trojans rose 114 per cent from October 2004 to Decem......
[more] Spam plateaus - but worse times to come? The reports of spam's death have been greatly exaggerated... The level of spam hitting users' inboxes has reached a plateau, showing little increase in recent months, leading some in the industry and the media to predict we may be on the verge of a meaningful decline in volumes of unsolicited mail.
But any celebration is misguided and more than a little premature according to those working at the coal face, with one anti-spam expert warning it could eve......
[more] Spammers' ISP attacks 'all hype and bluster' Industry hits back at zombie claims from SpamHaus Security vendors have accused anti-spam experts at Spamhaus of hyping a trick that allows spammers to take advantage of internet service providers' mail servers.
Earlier this week Steve Linford, director of Spamhaus, warned that email infrastructures were on the verge of collapse because a new worm is forcing zombie computers to relay spam via ISPs' mail servers. This, Linford said, is a huge problem......
[more] MCI 'makes $5m a year from spam gangs' Spamhaus has slammed MCI for hosting a website selling spamming software that is allegedly integral to the illegal trade in compromised PCs. The site - send-safe.com - sells spamware called Send Safe which uses broadband-connected PCs infected by viruses such as SoBig to distribute junk mail.
More than 70 per cent of spam comes from PCs infected with viruses or trojans, according to Spamhaus, a leading anti-spam organisation. By using compromised machines......
[more] MCI-Verizon deal sparks spam fears Will Verizon's proposed multi-billion dollar take-over of MCI send spam levels rocketing or help bring the problem under control? Campaigners are divided over the impact that Verizon's proposed $6.75bn buyout of MCI could have on spam levels.
Anti-spam campaign group Spamhaus is concerned that the deal, announced on Monday, will create more safe havens for spammers to operate in.
"If [Verizon] combines with MCI, that makes it safer for hosting spam," said Ste......
[more] MCI divorces spam bride after 18 month affair MCI, the ISP formerly known as Worldcom, has finally booted off the website hosting spamming tool Send-Safe off its network. Send-Safe, written and run by Russian Ruslan Ibragimov, is the most popular vehicle used by spammers to distribute unsolicited marketing emails.
The news has been greeted enthusiastically by anti-spam campaigners who had been lobbying MCI to stop hosting the Send-Safe website for some 18 months.
"MCI kicked Send-Safe off its......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] Spam - some figures on the threat Spam lies at the heart of the modern cyber-crime phenomenon. So how big is the problem? You hear all sorts of statistics these days about the level of threat faced by companies, and the Infosecurity show is bound to see these rolled out by vendors at every opportunity. But which ones deserve to be taken seriously?
Proving there is a threat is easy; working out the scale of this is another thing altogether. We decided to research the latest reliable figures we......
[more] Phishers turn DNS against authorities Botnets used to frustrate efforts to shut sites down. Phishing scammers are cleverly abusing automated "bots" by targeting DNS servers, security experts have warned. The new technique makes it significantly harder to shut down phishing sites.
In a conventional phishing scam, users are lured to a malicious website which counterfeits the appearance of a trusted site such as a bank or e-commerce site, and convinces the user to input their account information.......
[more] Virus writers claim Blair's email account was hacked The Prime Minister's email account is the subject of a spam scam that can infect computers with Trojan horses. Don't fall for it Cybercriminals claimed on Friday that the Prime Minister's email account has been hacked, in the latest attempt to attack PCs with malware.
On the same day Tony Blair won a third term in government, a spam message was sent out stating that malicious hackers had penetrated his email account.
The email contains a l......
[more] CyberGuard launches wireless security appliance for SMEs CyberGuard Corporation has announced a new all-in-one wireless workgroup security and data access appliance, the CyberGuard SG565, designed to secure the wireless and wired local area networks of small and medium-sized enterprises.
Unifying defences to combat blended threats via a single device combining firewall, intrusion prevention and gateway anti-virus is quickly becoming a requirement for small and medium-sized businesses. CyberGua......
[more] Spam blacklisting for one million Telewest customers Telewest says action is "heavy-handed" but they can't say they didn't see it coming... One million Telewest customers have been blacklisted for sending spam by one of the most powerful anti-spam organisations on the web.
The Spam Prevention Early Warning System (SPEWS), whose blacklist is referenced by many anti-spam controls, imposed the block in response to the high number of Telewest customers whose machines have become compromised and ta......
[more] No 'sorry' from Love Bug author Five years ago, a new "supervirus" hit the headlines. It had the two successful - but evil - elements: destructive virus coding coupled to an enticing title and the simple fact that it arrived from someone the recipient knew. The combination was virus dynamite.
Most viruses start slowly and then build power; "I Love You" hit the computer world like a bomb - anti-virus companies had not seen anything like it and while they struggled to contain the infection, copy......
[more] Save us from spam The majority of UK consumers and small businesses are yet to deploy anti-spam filters. A poll of UK residential email users and SMEs published Monday found 57 per cent have no anti-spam filtering installed, leaving them unprotected from spam, key logging and phishing attacks. Four in five consumers (82 per cent) have anti-virus protection, predominantly desktop scanners.
Most consumers (60 per cent) polled in the survey from email filtering outfit Checkbridge reckon that thei......
[more] Denial of service attack victim speaks out Breaking the silence and breaking the stranglehold of the extortionists... The founder of an online payment system has spoken to silicon.com about his experience of being targeted by Russian gangsters who threatened to destroy his website and his business if he didn't pay them $10,000 to leave him alone.
To this day his website is under continual attack.
Asif Malik, founder of NoChex, said his first contact with these hackmailers was in August 2004......
[more] ISPs found innocent of aiding zombie attacks in 'trial' ISPs were put on "trial" Tuesday, with hundreds of IT security professionals serving as jurors, for not doing enough to keep subscribers' computers from being compromised and used as tools in attacks on corporate networks.
The plaintiffs, a couple of fictional companies hit by denial of service attacks, argued that ISPs could do more to prevent "zombie" machines used in attacks by scanning subscribers' computers, monitoring traffic and s......
[more] Today's Hackers Code for Cash, Not Chaos As volunteer director of the SANS Institute's Internet Storm Center, Marcus Sachs has an eagle-eyed view of Internet security, tracking cyber-threats in real time and raising awareness when malicious hackers launch attacks.
Sachs also directs the Washington operations of the Cyber Security Research and Development Center, which is operated by SRI International's Computer Science Laboratory under a contract with the U.S. Department of Homeland Security.......
[more] Sophos ZombieAlert Identifies Spammer-Controlled Computers On Business Networks New automated service notifies organisations about their exploited and hijacked computers Sophos, a global leader in computer security, has announced the launch of Sophos ZombieAlert, a new alert service that identifies 'zombie' computers attached to organisational and ISP networks. Zombie computers are infected machines that give control to unauthorised and remote hackers, allowing them to send spam from the comput......
[more] U.K. Anti-Spam Policy Is Toothless The U.K. government and ISPs are doing little to tackle spam, according to the annual report from the Office of the Information Commissioner (ICO), according to a VNUnet piece in the E-Commerce Times. Apparently, no action was taken regarding the 600 spam complaints that the ICO had received in the previous 12 months. Thee ICO claimed that it lacks the necessary powers to pursue and prosecute spammers. It advises users to seek advice from their ISPs.
"This pr......
[more] DNS servers - an Internet Achilles' heel Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones. In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning.
"That is almost 10 percent of the scanned DNS servers," Kaminsky said......
[more] The Case of the Stolen Wi-Fi Whether you're unwittingly sharing your wireless LAN or poaching, be aware of the risks. Benjamin Smith III and Gregory Straszkiewicz both were arrested for allegedly stealing something no one could see, hear, or feel. That thing was valuable enough for victims to press charges in both cases. But the arrests were over something many consumers throw out their windows every day: a Wi-Fi signal.
The idea of a police car roaring down the street to catch a roving "Doom"......
[more] AOL in great spam bounty giveaway Want to know what it is like living the life of a successful spammer? A competition from ISP AOL is offering the bounty recovered from a spam conviction to help you find out. A Hummer H2 (gigantic military- car loved by ostentatious celebrities), $75,000 cash and $20,000 in gold are to be won in a competition on the AOL website beginning today [Wednesday]. The loot was recovered from Brad Bournival, a spam scourge who at the height of his powers delivered milli......
[more] Stratford-on-Avon joins the WiMax world Another area of the UK is set to get a taste of WiMax this year - the Midlands will be the next region to trial the long-range wireless broadband technology, it has emerged.
The six-month pilot will be run by ISP Pipex with kit from Airspan in Stratford-on-Avon. The pair are hoping the experiment will give them a better idea of which services and equipment work best with WiMax connectivity.
The trial will be broken down into two phases. The first phase......
[more] Anti-spam user authentication is 'worse than useless' Claims that user authentication schemes will reduce spam are not just wrong but "wrongheaded", a security researcher warned on Friday.
User authentication schemes such as SPF (Sender Policy Framework) and Sender ID check if machines are allowed to send email from a claimed domain - a kind of caller line identification (more here on email authentication). But "this doesn't tell you who the actual sender was or the spaminess of a message," Ni......
[more] Worm spoofs Google on infected PCs Virus writers have developed a worm that spoofs the behaviour of internet search engine Google, varying the results displayed to suit the requirements of hackers.
P2Load-A modifies the HOSTS file on infected PCs by replacing the original with a file downloaded from a remote website under the control of hackers. When users run a search, the results are normally shown correctly - but sponsored links are different. For some searches, other links appear which hav......
[more] DDoS attacks still biggest threat Companies should devote more resources to countering old-fashioned DDoS attacks when investing in security, a survey of global ISPs has argued.
The figures from Arbor Networks in its Worldwide ISP Security Report came from questionnaires sent to 36 large ISPs in the US, Europe and Asia.
Over 90 percent of ISPs surveyed cited simple "brute force" TCP SYN and UDP datagram DDoS floods from zombie PC networks as their biggest day-to-day hassle, a finding which sh......
[more] 'Spam' e-mail filters getting better - FTC E-mail "spammers" are aggressive as ever but Internet providers are getting better at blocking junk messages before they reach users' inboxes, according to a U.S. Federal Trade Commission study released on Monday.
The FTC found that spammers continue to "scrape" e-mail addresses from the Web using automated programs that look for the telltale "@" sign.
But up to 96 percent of those messages were blocked by the two Web-based e-mail providers used by t......
[more] ISPs Making Progress on Spam Internet service providers are making progress in slowing spam, according to a recent Federal Trade Commission (FTC) study.
The report found that spammers continue to harvest e-mail addresses from public areas of the Internet, but addresses posted in chatrooms, message boards, USENET groups and blogs were unlikely to be taken.
"Indeed, some chatroom operators took proactive measures to prevent the harvesting of e-mail addresses posted by the FTC staff," the stud......
[more] Timeshare spammer jailed Testimony from US ISP Earthlink has led to a one-year prison sentence for a notorious timeshare spammer. Peter Moshou was also ordered to pay $120,000 in compensation this week following his June conviction for violation of the CAN-SPAM Act. Moshou's criminal prosecution was among the first under US anti-spam legislation.
Moshou was charged with sending millions of spam emails in 2004 and 2005 seeking personal information by offering brokerage services for people inter......
[more] Florida spammer fined $11bn A small Iowa-based ISP has been awarded $11.2bn (£6.5bn) in a record judgment against a Florida spammer. CIS Internet Services successfully sued James McCalla over claims he sent more than 280m illegal spam messages with fraudulent return addresses towards CIS accounts, punting mortgages, debt consolidation services, pornographic and gambling websites. The judgment by US District Judge Charles Wolle, issued in late December 2005, further bans McCalla from using the i......
[more] Two years after Gates prediction, spam still exists It has been two years since Microsoft's Bill Gates made the bold prediction that spam would be a “thing of the past," but the problem is still as bad as ever, according to new figures released. The research by anti-virus company Sophos found that the level of non-English spam has risen, with the vast majority now being relayed by "zombie" computers hijacked by trojan horses, worms and viruses under the control of hackers.
Sizeable increases a......
[more] Hackers lurk in AMD Web site WMF flaw being exploited on customer support discussion forums Users of Advanced Micro Devices Inc.'s (AMD's) microprocessors may want to think twice before looking for technical support on the company's Web site. Customer support discussion forums on the forums.amd.com site have been compromised and are being used in an attempt to infect visitors with malicious software, an AMD spokesman confirmed Monday.
The problem was first reported Monday in a blog posting by......
[more] Portal helps IT staff to secure PCs Antivirus software vendor F-Secure has introduced a new hosted service for small and medium-sized firms to help IT staff ensure data security.
F-Secure Service Platform for Businesses is an always-on, automated tool based on the firm’s antivirus, anti-spyware and firewall technologies. It is also being marketed to service providers so that they can provide an opt-in security service to their own business customers.
The platform features an easy-to-use web-b......
[more] Two-thirds of UK businesses fail to patch Nearly two-thirds of UK small businesses are failing to install patches as soon as they are released by vendors, according to a new study. The survey of 449 IT managers by secure email service company Inty, found that 59 percent of UK SMEs do not deploy new application software patches as soon as they are released by vendors. The main reason was the time required to test patches and roll them out to affected computers."It's alarming to see that......
[more] AOL to see phishers in court AOL is using the long net of the law to snag three “phishing gangs” from the wild. The internet service provider (ISP) filed three civil suits against unnamed phishers in Alexandria, Va., federal court for the state's Eastern District.The lawsuits are the first time a major ISP has cited the state's anti-phishing statute, which was adopted last July. The suits also cite numerous federal laws and seek damage awards of $18 million, AOL said in a Tuesday statement.Curt......
[more] India is top target for spam The rate of technological advancement has outstripped growth in security awareness in India, while the US is still the highest spam producer India's rapid adoption of new technology has left its PC users struggling to cope with very high levels of spam, according to a report released Wednesday. Ninety-one percent of email traffic sent to Indian PC users is spam, according to email security company MessageLabs, which warned that the rate of technological advancement h......
[more] What future for the wireless Square Mile? Which applications will prove a hit for the City wi-fi users? The City of London has taken the wraps off an ambitious project that will see the Square Mile entirely connected by wi-fi access.For City workers and tourists alike, the project will mean continuous wi-fi access from an area stretching from Blackfriars Bridge to the Fann Street Wildlife Garden and Liverpool Street station.The City wi-fi project will be a five-year collaboration between the Cor......
[more] United Nations calls for ISPs to police spammers Legislation should be put in place to force service providers to combat spam, according to the UN's telecommunications body The UN on Wednesday recommended enforceable codes of conduct for ISPs as a way to cut down on spam. The International Telecommunication Union (ITU), the UN organisation responsible for global telecoms standards, recommended that ISPs be required to enforce codes of conduct regarding their customers, and block spammers' email......
[more] Half of business travelers worried by hotspot security More than half of all business travelers are still concerned about security levels offered by wireless, according to a global survey Public Wi-Fi hotspots, in places such as airports, hotels, railway stations and coffee bars, have been available for some time, but 55 percent of respondents claimed they still have concerns about data security. Nearly a third (30 percent) of the 150,000 people polled by the survey, conducted by wireless ISP iB......
[more] Barclays offers free F-Secure AV software The bank has signed a deal with the antivirus vendor to provide protection to online customers Barclays Bank has announced it will offer F-Secure's basic antivirus package to online banking customers for two years, starting on Friday. Barclays will offer F-Secure Anti-Virus to its 1.6 million active online customers, and has actually bought more than 1.6 million."We had to be flexible enough to offer all our customers protection, so we have ample li......
[more] ISP-level porn filters a bad idea When the precursor to the Internet surfaced back in 1972 it's doubtful many people realised one of the main eventual uses of the technology would be to distribute massive amounts of pornography. The academic research networks that existed at that stage barely had enough bandwidth to service universities and defence agencies. Fast-forward to 2006. To today's Internet community, downloading Paris Hilton's sex tape is almost as easy as falling out of bed.The reali......
[more] AOL unveils corporate IM beta AOL has launched a public beta of its AOL Instant Messenger Pro service. The ISP already operates the world's largest IM network. The new AIM client targets enterprises with features such as integration with Microsoft's Outlook client software and online collaboration tools. AOL has also teamed up with WebEx, a provider of online meeting applications. The beta is available as a free download, but AOL is expected to turn it into a fee-based service when th......
[more] Aussie taxes to fund 'free' porn blocks The federal government in Australia is to spend AU$116.6m (£46.7m) to provide all Australian families with free internet pornography blocking software.The minister for communications, IT and the arts, Helen Coonan, announced the initiative today. A spokesperson for the minister told silicon.com sister site ZDNet Australia the first free filters should be available for download from a government portal within six months.Coonan said in a statement: &q......
[more] Spam zombies give UK ISPs the fear The potential disruption of service and risk posed by compromised, zombie PCs spewing spam is putting fear in UK ISPs, according to a survey conducted by security firm StreamShield Networks.A massive 96 per cent of 50 ISP respondents cited the proliferation of botnets - networks of virus-infected PCs under the control of hackers - as a key business issue.According to industry analyst firm Gartner, seven in 10 items of spam originate from infected PCs.Other ite......
[more] U.K. ISPs to share data for spam study A new set of guidelines may pave the way for dozens of Internet service providers in the U.K. to participate in a research project into the problem of spam, estimated to comprise 60 percent or more of the world's e-mail traffic. The guidelines concern how ISPs should deal with sensitive issues such as customer privacy and data-protections laws, while cooperating to shut down machines propagating spam, said Martin Hutty, head of public relations for th......
[more] Microsoft's security meeting causes unease For 10 years, Microsoft has held annual meetings with top antivirus companies; but now the software giant is a rival, some attendees are questioning the meeting's purpose Microsoft likes to keep its friends close - and now security companies are its foes, it may well want to keep those even closer. The software maker has traditionally held meetings with partners to explore common ground. Security has been one area of activity: for almost 10 years, it ha......
[more] F-Secure grows steadily and profitably Total revenue increased by 35% to a record level of 19.8m F-Secure continues its successful growth strategy as the total revenue of the second quarter rose by 35% to a record 19.8 million euro. The operating profit increased by 88% to 2.8 million euro.The company is the clear global leader in offering the Security as a Service concept through Internet Service Providers. F-Secure has a 36% share of the European broadband ISP market and a 25% share of the Eur......
[more] Secure Computing set for Becta certification Vendor claims award will help channel partners to grab a slice of the education market Content filtering vendor Secure Computing is close to securing a British Educational Communications and Technology Agency (Becta) URL-filtering certification, which it has claimed will open up the education market to its channel partners. Secure Computing, which recently acquired messaging security vendor CipherTrust for $273.6m (CRN, 24 July), told CRN that the edu......
[more] Microsoft sues British spammer for Hotmail breach Microsoft has won what it described as the largest reported civil award against a spammer in Europe. The software giant says it won a court order requiring spammer Paul Fox to pay £45,000.Rather than pursue a case under Britain's limited anti-spam laws, Microsoft filed a complaint that Fox had breached the terms and conditions of its Hotmail service. It conditions state: "You may not use any [Microsoft] Services to send Spam. You also......
[more] Researchers believe spam should be fought at network level A pair of Georgia Tech researchers suggested this week that internet service providers (ISPs) might be able to fight junk email more efficiently at the network level rather than using message content filters. "Content filters are fighting a losing battle because it's easier for spammers to simply change their content than for us to build spam filters.," said Nick Feamster, a Georgia Tech assistant professor of computing. "......
[more] Time to simplify security software Complex security software that people need to buy in a store or online, then install and manage, should be replaced with a simple shield delivered nearly invisibly with an Internet access account, argues Siilasmaa, the chief executive of F-Secure.The small Finnish security company - it recorded €61.8m in revenue last year - specialises in security as a service. In Europe, it leads the market and provides security software to just over a third of all broad......
[more] Hackers drill into internet's core Hackers stepped up their attacks on the internet on Wednesday, targeting some of the main computers responsible for directing online traffic. The internet suffered a potentially debilitating attacks on three of its 13 DNS (domain name system) servers. These are operated by internet body ICANN (Internet Corporation for Assigned Names and Numbers), the US Defense Department, and domain manager UltraDNS. The attack was achieved by inundating them with large volum......
[more] Turkish hacker strikes Down Under Legendary Turkish hacker iskorpitx has turned his attention Down Under with an attack that grounded the websites of nearly 600 Kiwi businesses and about 300 international sites hosted by the same US-based web server.As stuff.co.nz reports, "in each case the content of a site's homepage was replaced with an animated medieval knight, Turkish pop music, and a cryptic Turkish message".Vodafone owned ISP ihug was the worst hit, though several other ISPs ar......
[more] Scotsman wins £1,300 settlement against spammer An Edinburgh man has obtained damages of more than £1,300 from British-based spammer.Gordon Dick was granted the order against Transcom Internet Services Ltd of Henley-on-Thames at a January hearing in Edinburgh's Sheriff Court. Although he hasn't received any money yet, even after sending a debt collector around to Transcom's premises, the lawsuit is a landmark in the fight by consumers against UK spammers. This is the first action of its k......
[more] Image spam: In the picture Spammers are finding new ways to bypass filters, but that doesn't mean you have to let them bombard your inbox. Rob Buckley reports Need pain releif (sic)? Some Cialis, perhaps? Or maybe you'd like to invest in China YouTV Corp (CYTV)? You've probably received at least a few emails offering some of these things because they managed to sneak past your spam filters. Rather than using a simple text-based email, these spammers have embedded their kind offers into images, m......
[more] Do you know what's leaking out of your browser? Information seeping out of your Web browser could provide a gold mine for hackers doing reconnaissance for targeted attacks.At the ToorCon Seattle (beta) conference, Web application security specialist Robert Hansen (RSnake) demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure flaws in Internet Explorer and Firefox to collect information on a target's computer system.For a basic idea of the kinds of information your......
[more] Spammers stuff PlusNet email accounts Gaffe-prone ISP PlusNet has had its email database stolen and its users' accounts bombarded by spammers.The attack first surfaced yesterday, when PlusNet punters reported that previously spam-free email addresses were being filled with unsolicited discount pharmacy marketing. Some forum posters report that a few of their webmail contacts have received more spam too.In a statement, BT-owned PlusNet said: "It has come to our attention that a number of cu......
[more] FatPipe WARP Helps Internet Business Achieve Always-Up Internet Availability to Customers and Retailers The Internet business Shoplocal announced this month that it has attained Internet reliability and redundancy, thanks to FatPipe Networks, (www.fatpipeinc.com) the inventor of router clustering devices for reliable, redundant and high speed Internet WAN connections. Shoplocal is an online shopping and advertising company made up of more than 200 affiliate media, search and shopping sites that......
[more] Mitigating the effects of a DDoS attack There's a great variety of attacks and hacks that black hats can perpetrate on your network. Fortunately, you can prevent most of them using an assortment of security measures. However, a distributed denial-of-service attack (DDoS) is an entirely different story. You can't thwart a DDoS attack - they attack an IP address or service that's available to the internet.If you can't prevent such an attack, what can you do to protect your organisation? You can be......
[more] AOL drops Kaspersky for McAfee Giant ISP and web services provider AOL is offering a free, special edition version of McAfee security software to users registered with its network. The offer replaces a previous offering based on Kaspersky technology, which was quietly taken offline several weeks ago. The customized product, based on McAfee's Internet Security Suite, combines anti-virus and anti-spyware with a firewall and identity theft protection. The AOL Active Virus Shield software, a pared-......
[more] 'We're not scared' of Storm, say researchers Reports that security researchers are running scared from hackers responsible for the Storm trojan are overblown, say some of the people who have dug into the complex malware. Last week Josh Corman of IBM's Internet Security Systems said that Storm, a multifaceted Trojan Horse that has been used to gather a substantial army of bots (or compromised computers), strikes back using distributed denial-of-service (DDoS) attacks when it senses probes of its......
[more] Researcher releases proof-of-concept VoIP hack Potential Trojan listens and records on the network or at the ISP level An expert has released a proof-of-concept program to show how easy it would be for criminals to eavesdrop on the VoIP-based phone calls of any company using the technology. Called SIPtap, the software is able to monitor multiple Voice-over-IP (VoIP) call streams, listening in and recording them for remote inspection as .wav files. All that the criminal would need would be to inf......
[more] 'Zombie' exploits cached by search engines Over a year after first coming to light, the cache engines of major search engines are still providing a safe hiding place for malicious code, a security company has revealed. The latest warning comes from security company Aladdin, which logged an attack against a university website which was eventually traced back to just such a ‘poisoned cache'. The originating site had been taken offline, but the code from it was still able to spread by living......
[more] Unpatched PCs open to latest web hack A sophisticated hacking scheme seen early last year is affecting an increasing number of web servers, including one owned by a major online advertising company, Finjan Software has said. It appears that a single gang is behind the attacks, since the malicious software it spreads is storing login and password details on one server in Spain, said Yuval Ben-Itzhak. Finjan is trying to get the ISP to shut it down, he said. A web server of an online adverti......
[more] Hackers target aspiring Internet scammers In a twist, security researchers have discovered a group of hackers who are exploiting a new category of victims: aspiring Internet scammers. A Moroccan group called "Mr. Brain" is offering free phishing kits on a Web site hosted in France, said Paul Mutton, Internet services developer at Netcraft, a security company in Bath, England. The software packages make it easy to quickly set up a fraudulent Web site mimicking a known brand in order to trick peo......
[more] EU aims to clarify legal status of IP addresses A European Parliament hearing on Google-DoubleClick ventured into murkier territory as it tackled the question of whether an IP address should be considered private data. The question of whether an IP address should be considered private data occupied much time at a hearing earlier this week at the European Parliament regarding Google's planned acquisition of DoubleClick. If a person can be identified by an IP address, then the address is pri......
[more] YouTube failure highlights global Internet security risk Disruption to Google's YouTube video service at the weekend has highlighted a flaw in the Internet's design that could some day lead to a serious security problem, according to networking experts. The issue lies in the way Internet Service Providers (ISPs) share Border Gateway Protocol (BGP) routing information. BGP is the standard protocol used by routers to find computers on the Internet, but there is a lot of BGP routing data available......
[more] Security firms split over Phorm classification Security firms are split about whether they will classify Phorm's targeting cookies as adware. Kaspersky Lab, whose anti-virus engine is licensed to many other security vendors, said it would detect the cookie as adware. However, AVG, developer of the most widely used free of charge anti-virus scanner, said it would not detect Phorm's cookie even though the Czech firm's CTO Karel Obluk describes the technology as "borderline".AVG has decid......
[more] New software hobbles Phorm advertising system Software that may make the data collected by the Phorm advertising service completely useless has been released by a privacy group. The AntiPhorm Group, which describes itself as "a loose conglomeration of concerned individuals comprised of artists, programmers and designers" has created AntiPhormLite in a bid to prevent ISPs tracking and subsequently profiting from their customers surfing habits. The controversial Phorm advertising system......
[more] Social networking faces EU regulation call Europe's top Internet security agency, ENISA, has called for new legislation to police social networking sites such as Facebook and MySpace. "Social networking sites are very useful social tools but we must make recommendations for how to better protect people from the risks these sites create," said Andreas Pirotti, executive director of ENISA (European Network and Information Security Agency). He suggested that EU legislation be expanded &q......
[more] ICANN: Meddling with DNS poses security problem The interception of Internet traffic to snoop on phone calls or track surfers' behavior is a hot topic -- but what's keeping members of ICANN's Security and Stability Advisory Committee up at night is the interception of traffic to and from sites that don't even exist. They explained why in a session at ICANN's public meeting in Paris on Monday. There are still a few possible domain names out there that have not yet been registered, and if you acc......
[more] Fortune 500 lacking in email spoofing basics DKIM and SPF, two things that companies can do you help lower, not stop, but at least lower, the types of attacks that can be pulled off using their name. Recent research by Secure Computing shows that just over two hundred of the Fortune 500 fail to use either one of the forgery countermeasures. This is in contrast to the Sendmail findings that about ninety percent of the Fortune 1000 use SPF or DKIM to fight fraud. SPF (Sender Policy Framework) or......
[more] Banking Trojan hides in fake Alonso F1 crash story Fabricated news of a supposed car accident involving Formula One star Fernando Alonso is being used to distribute a new banking Trojan. The fake news story, supposedly from Spanish daily El Pais, has two-time motor racing champion seriously injured on Tuesday in an accident in the norther city of Bilbao. The bogus story, distributed via spam emails, links to a video clip depicting what appears to be a spectacular blaze. The clip installs malware......
[more] AmazingMail.com uses Juniper Networks EX-series Juniper Networks Inc., the leader in high-performance networking, today announced that its EX-series Ethernet switches and Secure Services Gateway (SSG) firewalls are deployed by Scottsdale, Ariz.-based AmazingMail.com, Inc., a leader in advanced direct mail marketing to significantly lower IT costs and simplify network and data center operations. By replacing the company's incumbent switching and security products with Juniper high-performance net......
[more] FBI searches Tenn. student's apartment in Palin hacking case But proxy service operator says hacker's IP address 'doesn't look consistent' with state legislator's son FBI agents served a search warrant on Sunday at the Knoxville, Tenn., apartment of a college student whom Internet sleuths last week had named as the hacker who accessed Alaska Gov. Sarah Palin's e-mail account, a local television station reported. But the Georgia man who runs the proxy service used to mask the hacker's identity sa......
[more] Australia trials national net filters Is the Rudd government about to erect a Great Firewall of Australia - introducing a form of internet censorship that will infringe upon the freedom of computer users to browse the worldwide web? That is the concern of online civil liberties groups, as the Rudd government prepares plans for a field trial of internet service provider (ISP) filtering products, with a view to introducing them nationally. ISP filtering is the blocking of certain sites which the......
[more] Spam drop could boost Trojan attacks The dramatic fall in spam traffic reported last week after alleged rogue ISP McColo Corp. was taken offline will only be a temporary reprieve and could actually generate a new wave of Trojans, experts have warned. ISPs disagree on the global percentage drop in spam caused by the shuttering of San Jose-based McColo last Tuesday, with estimates given by those contacted by Techworld ranging from 50% to 80%. But even the lower figure is still an unprecedented fa......
[more] Anti-fraud site targeted in Joe Job attack Fraudsters have upped the ante in their fight to discredit a respected UK-based anti-fraud website. The email address of Bobbear.co.uk, which fights phishing fraud by exposing groups attempting to recruit money mules, was spoofed in obscene emails. The Joe Job attack represents a further attempt to make life difficult for Bobbear.co.uk, which operates on a voluntary basis, and site administrator Bob Harrison. Just over a week ago the site came under a......
[more] ISP chops last head off Srizbi bot An Estonian ISP that temporarily hosted the command-and-control servers for the notorious spam-spewing Srizbi botnet, has cut off those servers, according to computer security analysts. Starline Web Services, based in Estonia's capital Tallinn, had hosted four domain names identified as the control points for Srizbi, according to researchers from computer security firm FireEye. Hundreds of thousands of PCs around the world infected with Srizbi, a difficult-to-......
[more] Botnets crawl back after McColo shutdown Mega-D botnet creators have set up new command and control servers and re-established their connections with bots just three weeks after the closure of spam hosting provider, McColo. According to Marshal8e6's TRACElabs, the spammers have restored the affected connections and Mega-D, which was one of three major global botnets shut down, is now back spamming again. US-based web-hosting firm McColo was shutdown by its ISP on November 11 following a journal......
[more] Yahoo to scrub personal data after three months Yahoo said Wednesday it will anonymize most of the data it collects about people's Web searches after three months, a move that could put further pressure on competitors Google and Microsoft to do the same due to privacy concerns. Yahoo, which previously kept the data for 13 months, will now retain it for the least amount of time compared to its rivals.Google said in September that it would anonymize data after nine months, down from 18 months. Mi......
[more] Internet needs global regulation, says researcher The Internet needs to be globally regulated if it is to have any chance of stopping scams such as security ‘scareware', a researcher has suggested. According to Mary Landesman of ScanSafe, the recent Federal Trade Commission (FTC) injunctions against two companies accused of distributing fake anti-virus programs is a step in the right direction but against a backdrop of widespread abuse. Landesman was referring to the recent case against US outf......
[more] Spam surges again despite McColo takedown Spammers have regrouped and are finding ways to send more junk mail despite recent efforts by security experts. Spam levels dropped by almost half when rogue ISP (Internet service provider) McColo was taken offline in November. But some new botnets and even older ones are churning out more spam. "At the current rates, we'll be back at those pre-McColo takedown levels probably within the next three to five weeks," said......
[more] How to recover from a data breach The best defence against hackers trying to steal corporate data is a whole lot of preparation, says Danny Bradbury. hese days the headlines are full of stories about data being stolen from major organisations - in both the private and public sector. Though every exec hopes they'll never experience such an incident, it's best to be prepared, just in case. So what do you do after a data breach? As with disaster recovery, you need a playbook, ready and wait......
[more] Four in 10 phishing scams end up in Blighty's inbox The UK suffered the greatest number of phishing attacks globally last year as criminals used UK banks as bait for unwary consumers. A total of 135,426 phishing attacks were detected across the world in 2008, 40 per cent of which were aimed at the UK, security firm RSA has found. According to a report by the company, the UK underwent a "marked increase" in phishing attacks as "a result of several massive surges of attacks against......
[more] Spam back up to pre-McColo levels Four months after ISPs disconnected hosting provider McColo, the global volume of junk e-mail has apparently returned to its previous levels, Google stated in an analysis posted on Tuesday. Using data collected from its filtering of spam on behalf of 15 million business users, the search giant found that, by the latter half of March, the seven-day average level of junk e-mail climbed to pre-McColo levels. In addition, the first quarter of 2009 had a higher sp......
[more] Piracy law cuts internet traffic Internet traffic in Sweden fell by 33% as the country's new anti-piracy law came into effect, reports suggest. Sweden's new policy - the Local IPRED law - allows copyright holders to force internet service providers (ISP) to reveal details of users sharing files. According to figures released by the government statistics agency - Statistics Sweden - 8% of the entire population use peer-to-peer sharing.Popular BitTorrent sharing site, The Pirate Bay, is also base......
[more] Cache-poisoning attack snares top Brazilian bank One of Brazil's biggest banks has suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware, according to an unconfirmed report. According to this Google translation of an article penned in Portuguese, the redirection of Bradesco was the result of what's known as a cache poisoning attack on Brazilian internet service provider NET Virtua. RegAd('mpu1', 'reg.security.4159/crime'......
[more] US cuts off 'criminal' net firm An American ISP allegedly involved in distributing spam and images of child abuse has been thrown off the net. The US Federal Trade Commission asked for Pricewert LLC's net links to be severed after it had gathered evidence of the firm's 'criminal' connections. The FTC alleges that Pricewert had created one of the "leading US-based havens for illegal, malicious, and harmful content". Pricewert denied the allegations and said it would fight them in court.......
[more] Spam drops after latest ISP closure The US Federal Trade Commission's recent takedown of an Internet service provider thought to be a safe haven for spammers has reduced spam volumes, but only by a little. According to email security vendor Marshal8e6, total spam volume dropped by about 15 percent last week, as the FTC got a court order to pull the plug on a notorious ISP named Pricewert. "We noticed quite a drop-off mid to late last week," said Phil Hay, a threat analyst with Marshal......
[more] Xroads Service Strives for Zero Network Outages With so much of the business depending on web and e-mail applications, many companies have taken steps to secure more reliable bandwidth, such as a TI connection. What few realize, however, that even with a T1's 99.9 percent uptime, that still adds up to more than 15 hours per year of downtime. Initially, the only way to achieve redundancy was through complex protocols like BGP (Border Gateway Protocol), EGP (Exterior Gateway Protocol) IGP (Interi......
[more] Security group converges to fight Internet abuse As cybercrime continues to proliferate on the Internet, one industry security group is hoping its work will help stem the tide of spam and scams. The Messaging Anti-Abuse Working Group (MAAWG) held a three-day meeting in Amsterdam this week, discussing spam, network security, the DNS (Domain Name System) and other topics. Industry professionals traded ideas on stopping abusive online behavior. Much of MAAWG's work is done behind closed doors. The......
[more] Virgin file-sharers risking suspension Virgin Media could start suspending persistent file-sharers on a temporary basis, using information provided to it by the Universal record company. The ISP announced on Monday that it would, before Christmas, launch an all-you-can-eat music download service for its users, based on a monthly subscription fee. The tracks will all be DRM-free. "In parallel, the two companies will be working together to protect Universal Music's intellectual property and......
[more] Irish ISP Eircom hit by multiple attacks that restrict service for users The Irish ISP is experiencing an unprecedented volume of traffic that officials believe is multiple DNS poisoning attacks. The site has been experiencing problems for other month, according to Dark Reading, when users first began to complain of slow response times at the end of May. Rik Ferguson, senior security advisor at Trend Micro, claimed that it was ‘certainly clear that many Eircom subscribers are being redirected to......
[more] Unsung heroes save net from chaos Crack teams of volunteers keep the net online and functioning, according to leading internet lawyer Jonathan Zittrain of Harvard University. The way data is divided up and sent around the internet in many jumps makes it "delicate and vulnerable" to attacks or mistakes, he said. However, he added, the "random acts of kindness" of these unsung heroes quietly keep the net in working order. Professor Zittrain's comments came at the TED Global conference i......
[more] DNS remains vulnerable one year after Kaminsky discovered bug A year has passed since security researcher Dan Kaminsky disclosed a serious flaw in the DNS that makes it possible for hackers to launch cache poisoning attacks, where traffic is redirected from a legitimate Web site to a fake one without the Web site operator or end user knowing. Kaminsky’s disclosure was a wake-up call to network vendors and ISPs about the inherent weaknesses in DNS, the foundational Internet standard that matches......
[more] After links to cybercrime, Latvian ISP is cut off A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. Real Host, based in Riga, Latvia was thought to control command-and-control servers for infected botnet PCs, and had been linked to phishing sites, Web sites that launched attack code at visitors and were also home to malicious "rogue" antivirus products, according to a researcher using the pseudonym Jart A......
[more] FAQ: The ins and outs of DoS attacks Thursday's denial-of-service attack that knocked Twitter offline for a few hours and affected Facebook, LiveJournal, and Google Sites and Blogger wasn't your average attack. Typically, someone who has a bone to pick with a specific Web site will round up some hijacked PCs and use them to try to shut the site down. In this case, whoever was responsible was trying to block access to a specific user's accounts and not the sites themselves. Denial-of-service at......
[more] How to create a password protection policy Passwords are an integral aspect of our computer security program. Passwords are the front line of protection for user accounts. A poorly chosen password may result in the compromise of critical (organisation) resources. As such, all (organisation) staff and outside contractors and vendors with access to our systems are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords. Purpose The purpose of this pol......
[more] Lack of single sign-on could hamper cloud security Hackers could in for one of the biggest security bonanza since UK Government stopped using paper and started dropping CDs, DVDs and USB sticks. There have been many concerns about cloud security, indeed it's often seen a big barrier to adoption, but the thorny question of user credentials could make the cloud in even less attractive for users. Microsoft is one company that has been expressing concern about this. At TEC09 in Berlin the company h......
[more] Demon splurges details of 3,600 customers in billing email Demon Internet sent thousands of business and government subscribers an email this morning telling them all about a new e-billing system, and tacked on details, including passwords, for 3,600 customers. The email - supposedly from Simon Blackburn Demon's director of customer service - has been sent to customers opting for e-billing. It includes a guide to the new service along with user names and passwords.
But the email also has a .csv......
[more] Microsoft confirms phishers stole 'several thousand' Hotmail passwords Microsoft today confirmed that thousands of Windows Live Hotmail account usernames and passwords had leaked to the Internet, but said the credentials were "likely" stolen in a phishing attack. The company denied that its Web-based e-mail service had been hacked and the account log-in information stolen because of some lapse on its part.
Earlier today, Neowin.net reported that more than 10,000 accounts had been compromised an......
[more] Q&A: Websense threat research manager, Carl Leonard V3.co.uk sat down with Carl Leonard to discuss his role as head of the Websense threat labs in Europe, and the state of the threat landscape. Carl Leonard discusses Web 2.0, user-generated content and the dangers of drive-by malware. V3.co.uk: As head of the Websense European threat research team, what does your role entail?Carl Leonard: The security labs division is made up of a strong team of experts located globally. Our main aim is to deve......
[more] First iPhone worm spreads Rick Astley wallpaper The first worm written for Apple's iPhone has been unleashed and is infecting phones in Australia. However, the worm, known as Ikee, is only a threat to users who have jaibroken their phones to let them run unauthorized software, security experts say. In fact, Ikee doesn't do anything particularly bad -- it changes the victim's wallpaper to a photograph of 80s singer Rick Astley and then seeks out other phones to infect -- but it could be modified......
[more] Google launches alternative DNS resolver Google has created a new system to resolve DNS (domain name system) queries that the company claims will speed up Web browsing for end-users, as well as make it more secure. Google Public DNS, announced on Thursday, is still in an experimental phase.
It attempts to improve on existing DNS resolver technology with faster, more efficient caching and additional security safeguards against spoofing attacks that try to dupe users into visiting malicious Web......
[more] Australia's net filter makes world headlines Senator Stephen Conroy is fast becoming an international name - with the world's technology and political community astounded as much by his plans for an internet filter as the build of the $43 billion national broadband network. London's Telegraph led with the headline "Australia plans Chinese-style internet filtering", reminding its UK readers that the leaked ACMA blacklist had included the "innocent websites of a dentist's practice in Queensland,......
[more] Chinese ISP hosts 1 in 7 Conficker infections Security experts have known for months that some countries have had a harder time battling the Conficker worm than others. But thanks to data released Wednesday by Shadowserver, a volunteer-run organization, they now have a better idea of which Internet Service Providers have the biggest problem. In terms of the total number of infected computers, China Telecom's Chinanet seems to have been hardest hit by the worm, which began spreading late last ye......
[more] SpamAssassin '2010' bug blocked email across world If you sent an email in the first few hours of 2010, there is a chance that it never reached its recipient thanks to an embarrassing ‘2010' bug buried in the open source SpamAssassin anti-spam engine used by many Internet Service Providers. According to a UK-based techie who first blogged on the issue, the fault lies with the ‘FH_DATE_PAST_20XX' rule used in conjunction with many others by the program to score the likelihood of an email......
[more] ISPs could cut spam easily, says expert Two simple techniques could be used to strangle botnets, a security expert has claimed. First, block email port 25 by default. Second, tell users when they are spewing spam from compromised PCs. According to Trend Micro's CTO, Dave Rand, who is leading a campaign to reform the way ISPs approach the matter of botnets and spam, the two countries that adopted such techniques, The Netherlands and Turkey, have seen a huge reduction in the numbers of botnetted......
[more] Security tips for large and small businesses Whether your business is a big fish or a small-fry home office, you can get hacked just the same, and the stakes are higher than a few canceled credit cards. Here are a few tips to protect your users and your networks--steps that even enterprise-class security specialists may slip up on. Know Who Might Be Targeted - and How and Why
With the recent news of attacks on US companies including Google, many business owners might be thinking, "That wouldn't......
[more] Zeus botnet dealt a blow as ISP Troyak knocked out Internet service providers linked to the notorious Zeus botnet have been taken down, knocking out a third of the command-and-control servers that run the network of hacked machines. Two ISPs, named Troyak and Group 3, were home to 90 of the 249 known Zeus command-and-control servers. Zeus Tracker, a Web site that tracks the botnet, noticed the steep drop in servers on Wednesday morning.The Troyak network was itself an upstream provider to six n......
[more] One-third of orphaned Zeus botnets find way home The takedown of 100 servers used to control Zeus-related botnets may be a short-lived victory, security researchers said after discovering that about a third of the orphaned channels were able to regain connectivity in less than 48 hours. The resurrection of at least 30 command and control channels came after their internet service provider found a new upstream provider to provide connectivity to the outside world, autonomous system records showe......
[more] Cybercrime's bulletproof hosting exposed Researchers at RSA have identified the network framework that endows some of the worlds most notorious botnets with always-on connections that are virtually immune from takedowns. At the network's heart are the servers that shepherd tens of thousands of infected PCs so they continue to send spam, spread malware, and stay updated with the latest bot software. By maintaining multiple conduits between these master control channels and the outside world, mal......
[more] Zeus banking virus is back warns security firm Zeus, a virus that steals online banking details from infected computer users, is more powerful than ever, warns a web security company. Trusteer says it has spotted the Trojan virus in one of every 3,000 of the 5.5m computers it monitors in the US and UK. Zeus 1.6 can infect people using Firefox and Internet Explorer web browsers, the company claims.The malware steals login information by recording keystrokes when the infected user is on a list of......
[more] Single group did 66% of world's phishing A single criminal operation was responsible for two-thirds of all phishing attacks in the second half of 2009 and is responsible for a two-fold increase in the crime, a report published this week said. The Avalanche gang is believed to have risen out of the ashes of the Rock Phish outfit, which by some estimates was responsible for half the world's phishing attacks before fizzling out in late 2008. Driving the success of both groups is their use of state......
[more] IT managers want World Cup ban More than half (54 percent) of IT managers believe employees should be banned from watching the World Cup using their PC at work, says Blue Coat Systems. Research by the network management firm revealed that 69 percent of IT managers were convinced their office staff would be determined to watch the England matches during the tournament.This could lead companies to find their corporate bandwidth fully occupied by video streaming, slowing down networks and potentia......
[more] What is Wikileaks? Whistle-blowing website Wikileaks is once again at the centre of attention as it makes public more than 90,000 secret records of incidents and intelligence reports from the US military about the war in Afghanistan. It is the latest in a long list of "leaks" published by the secretive site, which has established a reputation for publishing sensitive material from governments and other high-profile organisations.In April 2010, for example, it posted a video on its webs......
[more] Global spam hits all-time high Spam hit an all-time high this year, with more unwanted messages pouring in from a smorgasbord of countries, thanks in part to globalization. Such are the findings of a recent and comprehensive report on all things security-related from IBM X-Force. The typical spam message has sources as diverse as the spam lunch meat; it's sent from a machine located in the United States, India, or Brazil, and it contains a .ru URL (Russia's top-level domain) that's hosted in Chi......
[more] Pigeon flies past broadband in data speed race Broadband is the most modern of communication means, while carrier pigeons date back to Roman times. But on Thursday, a race between the two highlighted the low speeds of rural broadband in the UK; the pigeon won. Ten USB key-laden pigeons were released from a Yorkshire farm at the same time a five-minute video upload was begun. An hour and a quarter later, the pigeons had reached their destination in Skegness 120km away, while only 24% of a 300MB f......
[more] Zeus botnet thriving despite recent arrests The Zeus botnet remains a robust network that is difficult to destroy despite an international sting operation that saw dozens arrested this week for allegedly stealing money from online bank accounts. Zeus is an advanced piece of malicious software that can intercept online banking details and initiate money transfers. It can infect computers that have software with coding flaws that have not been fixed. Law enforcement officials arrested more than 10......
[more] Legal sector moves indicate cloud acceptance Law firms are putting their e-mail systems in the cloud to cut costs and ensure they adhere to tough data protection regulations. Information sent and received by law firms is not only business critical, but often highly sensitive. As a result security, storage and reliability are necessities for any e-mail system. This has lead to IT departments buying separate systems to provide security, archiving and back-up.Cloud service provider Mimecast, which......
[more] Sudden spam drop leaves experts baffled Spam volumes appear to have dropped to averages last seen in 2008 after an expected surge in bogus email over the Christmas period failed to materialise. Estimating real spam volumes is a notoriously difficult exercise thanks to a tendency of spam to naturally ebb and flow over time and the fact that no agency has a single view on the phenomenon. However, figures revealed in recent weeks by a number of companies that have compiled stats make curious readin......
[more] Major downturn in spam output in 2011 The slowdown in global spam at the start of 2011 was reminiscent of the shutdown of the McColo botnet in late 2009. According to the Symantec MessageLabs Intelligence Report for January 2011, following a two-week decline in spam levels, spam now accounts for 78.6 per cent of all email traffic, which is the lowest rate since March 2009. The volume of spam in circulation in January 2011 was 65.9 per cent lower than for the same period one year ago in January 2......
[more] Egypt's internet block causes huge spam drop Spam levels in Egypt have virtually vanished, showing the almost complete block on internet activity which the authorities have managed to engineer in the country since Thursday night, according to the latest figures from security vendor Sophos. Although according to some reports the Noor Group ISP is still online, probably because it hosts the Egyptian Stock Exchange, all of the major service providers were ordered to cut their services at around mid......
[more] Germany provides a secure way to deal with spam In theory, stopping spam is easy: just make it uneconomic to send millions of messages by charging for each one sent, or make senders authenticate their identity to stop address spoofing and simplify blocking. In practice, that would involve building a secure, parallel email infrastructure linking electronic authentication with real-world identities: a daunting task. Yet that's just what Germany is about to do. De-mail -- a play on the country-code......
[more] Firm points finger at Iran for SSL certificate theft Iran may have been involved in an attack that resulted in hackers acquiring bogus digital certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo, a certificate issuing firm said today. The bogus certificates -- which are used to prove that a site is legitimate -- were acquired by attackers last week when they used a valid username and password to access an affiliate of Comodo, which issues SSL......
[more] EU official states ISP content filtering may be illegal A legal case against Belgian internet service provider (ISP) Scarlet has thrown up a legal opinion from an advocate general of the European Court of Justice (ECJ), saying that content filtering could be a breach of EU rights. Pedro Cruz Villalón published the opinion during a case brought against Scarlet by the Belgian Society of Authors, Composers and Publishers. The organisation is seeking a court order for the ISP to either instal......
[more] Domain security comes to .co.uk Nominet plans to bring a higher level of security to UK domain names within the next two weeks. The .uk registry manager said on Thursday that it has implemented the new DNSSEC protocol in the .co.uk zone. Companies could be able to cryptographically sign their internet addresses as early as May 18. DNSSEC (domain name system security extensions) is an IETF standard that makes it harder for attackers to steal traffic by spoofing domain-name routing information.If......
[more] Netflix dominates US net traffic Movie and TV streaming site Netflix is now the single biggest source of internet traffic in the US, according to research. The data, gathered by network monitoring firm Sandvine, showed that in March the site accounted for 29.7% of downstream traffic at peak times. That is more than web browsing and peer-to-peer file sharing. Experts warned that as the trend grows, internet service providers will face costly upgrades to satisfy demand.Even at off peak times Netfl......
[more]
