Site Sponsor:
Ask the Expert
Search this site
Entries from Realtime Community | Messaging and Web Security tagged with 'cybercrime'
Hacking Air Traffic Control Systems
The Wall Street Journal is reporting air traffic control networks have been attacked on multiple occasions in the past several years. The FAA doesn't agree with all the findings of the Transportation Department's inspector general who issued the report but...
Malware and Cybercrime for All Ages
The suggestion by Gene Hodges that the big sociological driver in malware that we've all missed is that young, reclusive hackers have grown up, gotten married and taken on mortgages. Sure, they've grown up but as Allysa Myers points out,...
Study of Cybercrime and Underground Economy
A new study from Symantec (pdf) tries to get a picture of the underground economy for cybercrime by monitoring publicly available sites and channels. This type of survey provide insight into the exposed side of cybercrime but as the report...
Cyber-espionage Reported
A report (pdf) to Congress by the U.S.-China Economic and Security Review Commission finds concerted efforts in cyber-espionage....
Data Breach Victim Goes on Offensive with $1 Million Reward
I wonder if the executives at Express Scripts fell like Peter Finch the movie Network when he rallied the public with the cry "I'm as mad as hell and I'm not going to take it anymore."...
Extoration Attempt over Data Breach
There is nothing new under the sun, even with cybercrime. In the case of a data breach at a pharmaceutical benefits management company, a data loss is being used in a case of old fashioned extortion....
ICANN Pulls Plug On Registrar
EstDomains, Inc. is no longer a valid domain registrar following a conviction on "credit card fraud, money laundering, and document forgery" according to a letter from ICANN to the president of EstDomains....
FaaS: Fraud as a Service
Cloud computing holds promise for many of us, including phishers, identity thieves and others ready to separate you from your money....
Growing Response to Botnets
Driven by the lure of cybercrime profits, botnets keep getting more resilient and sophisticated. So do the measures to keep them in check....
Will We Eventually Need a Budget Line Item for Cybercrime?
According to the Information Security Forum, cybercrime is (not surprisingly) growing and business are more vulnerable to the cost implications of this kind of crime....
Unified Management is Way to Address Too Little Time, Too Many Threats
There isn't enough time to run a business and attend to security but that's ok if you are a small or midsized businesses, because you aren't a target for cybercirme, right? Wrong according to IDC....
Anti-Forensics: Digital Investigations Get More Difficult
We've just posted a new article in the The Essentials Series: Messaging and Web Security - Volume III on anti-forensics. Here is an excerpt:...
Mobile Platforms Becoming More Attractive Targets
Years from now we may look back at today as the tipping point when malware writers got serious about mobile devices....
How Long Will We Wait to Address Fundamental Flaws?
People have known about a fundamental flaw in a major Internet protocol ten years or so and it still isn't fixed so a couple of researchers decided to demonstrate. Anton "Tony" Kapela and Alex Pilosov demonstrate the design flaw (not...
Small & Midsized Companies Targeted by Cybercime, Too
A significant number of SMBs think they are too small to be of interest to cybercriminals but that misses the point. It isn't a matter of being "of interest", its a matter of can a bot herder control your computers...
Defensive Malware and Ironic Outcomes of Military Research
In the past the military and the space agency NASA have spurred innovation in the public and business sectors with derived benefits from there research - take hand held calculators and the Internet for examples. Now the military is reversing...
Yet Another aaS: Crimeware as a Service (CaaS)
You can run an entire business with online services now. You can the office productivity apps from Google or Zoho, servers on demand from Amazon, and databases on demand from Elastra. We've seen for years that cybercrime has developed its...
Feds: We Need A Manhattan Project for Cybersecurity
Internet security isn't working and it needs a massive overhaul. That's the message that's coming from this countries military and national security agencies according to a recent article in BusinessWeek entitled "Defenseless on the Net." So what will a more...
ISPs Expected to Provide More Assistance in Combating Cybercrime
An international treaty group, the Council of Europe Convention on Cybercrime, is moving to require more of ISPs when it comes to fighting cybercrime. The treaty has been signed by 43 countries, including the U.S. Questions are arising, though, do...
Hacking Conviction and Cybercrime
The conviction of Owen Thor Walker, 18, in New Zealand yesterday shows how far cybercrime has evolved. Not even legally an adult at the time, Walker became a bot herder with 1.3 million bots at his disposal. What do you...
Convicted Cybercriminal Turns to Politics
It is uncanny how closely cybercrime has paralleled business in free markets: there is specialization of labor, markets for exchanging goods and services, brokers acting as middle men and now we have what may be the start of a revolving...
Trends in Malware
Malware is becoming more resilient, in part, because of increasingly sophisticated infrastructure for distributing and controlling malware. This podcasts looks at these themes especially with regard to distribution mechanisms for malware, techniques for protecting compromised devices like fast flux, the...
Fortune 500 FTP Credential for Sale
Cybercrime is making sales on line and credentials to ftp sites is one of the latest discovered offerings. Finjan reports in ther Malicious Page of the Month report that 8700 ftp credentials of corporations and government agencies are available through...
Banks Suffering More Losses due to Online Fraud
The Security Fix provides a number of interesting details found in the leaked Federal Deposit Insurance Corporation's Technology Incident Report. For instance, computer fraud related losses averaged $29,630 in 2007, almost three times the 2006 level; and there are case...
Theft in On Line Games
Theft in virtual worlds is back in the news. This time, it's because a group of 11 members of a password theft ring have been convicted in China for stealing passwords to get virtual cash....
Paper Trails Matter
I commented this morning on lack of a paper trail when I voted in Virginia yesterday. Then I thought of all the ATM receipts that are left near the bank machines - maybe I'm making too much of this. Now,...
Reports Show Threats from Cybercrime and Insiders
According to two reports, both cybercrime and self-inflicted security incidents were up last year. The IBM X-Force report shows camouflaging techniques are now used almost 100% of the time by malware attackers, and the Storm worm typifies the problems tracked...
Cybercrime Economy
Cybercrime is a business and this podcast shows just how business like it is . The talk starts with an overview of the characteristics of cybercrime networks that parallel features of the business world and then provides examples. The podcast...
Cyber Bank Robbery in Texas
The lines are blurring between cybercrime and physical world crime. A bank in Texas was robbed with a combination of hacking and fake ATM cards according to the Sun Hearld. OmniBank of America disclosed the robbery and noted no depositors...
Banking Trojan Man-in-the-Middle Attack
Symantec has reported on a banking Trojan that intercepts bank transaction details before they are encrypted and changes destination accounts for transfers to an attacker's account. The Trojan uses a configuration file with the domains of over 400 banks in...
Laws Need to Catch Up With Cybercrime
Art Coviello, executive vice president of EMC Corporation, and Robert Hollyeman, president and CEO of the Business Software Alliance, argue in an op ed piece in the San Jose Mecury News that federal legislation is required to stem the increasingly...
State Sponsored Cybercrime
The Times of London is not mincing any words about state sponsored cybercrimes against UK business interests. The paper is reporting that Shell and Rolls Royce have been targeted by for cyberattacks: Rolls-Royce and Royal Dutch Shell have fallen victim...
Busted Bot Herder and Estimating Bot Population
A teenage bot herder has been arrested in New Zealand who, according to CNN, was responsible for a 1 million node botnet. While the arrest is good news, another notable part of the story is the difficulty in estimating the...
Leading Cybercrime Group Drops Off the Internet (for now)
The notorious Russian Business Network is no longer operational, at least not from their St. Petersburg base. The group provides some of the cybercrime infrastructure that enables other criminal groups to get up and running faster than otherwise possible. For...
Cybercrime Goes After Political Donors
It's not surprising to see that cybercriminals are setting up fake campaign sites to scam would-be campaign donors. Findings from WebRoot, reported in ComputerWorld, show a growing problem with political scams: "What we are seeing is a real explosion in...
Password Cracking with a Graphics Card
It's easy to forget how computationally powerful some graphics cards are. They create near realistic renderings of objects and it turns out their good for password cracking, too. New Scientist is reporting that Elcomsoft, a Moscow based software company, has...
This Week in Spam: Good News and Bad News
The Register is running a story today And now for something completely different: Good news on spam because there has been a drop in stock pumping spam: In the ever-escalating world of cyber insecurity, it's rare to find good news....
Industrial Cybercrime: Targeting Internet Hosting Services
Why go for thousand for small sites individually when you can after them all at once like an industrial fishing ship. That seems to be the reason behind attacks on hosting services. The latest one, this time against Layered Technologies,...
McAfee CEO: Cybercrime Bigger Than Drug Trade
In a keynote address to the InformationWeek 500 conference, McAfee CEO David DeWalt summarized the state of cybercrime and the security market, including something of a wake up call: DeWalt said "it's amazing how low the awareness is of cyber-security...
Botnet Targets Ebay Accounts
Botnets are moving beyond plain old spam and phishing attacks to launch brute force attacks on popular sites. InBotnet Attack Sinks Its Fangs into eBay Accounts, eWeek reports on a new distributed attack that is more sophisticated than we've seen...
Targeted Attack Steals Confidential Data from Government and Contractors in Transportation Sector
A password stealing program used against government agencies and contractors in the transportation sector netted hundreds of megs of password data. The information at this point indicates a clearly coordinated attack which (a) makes one ask why the transportation sector...
Beating Phishers the Old Fashioned Way
Tracking down phishers is difficult because they often hide behind botnets and spoofing techniques but one bunch of phishers was nabbed because of old fashioned paperwork. ComputerWorld is reporting Italian authorities arrested 26 in a scam involving the Poste Italiane,...
Auctioning Vulnerabilities and Making an Honest Buck in Security Research
Security researchers can spend a lot of time chasing down vulnerabilities and turn them over to vendors for free (or maybe several hundred dollars and a t-shirt if they are lucky) or they could sell them to the highest bidder....
RSA Discovers Instant Phishing Sites for Script Kiddies
Here is a story that reminds us cybercrime is a lot like regular business: you develop a product and make its creation and distribution as efficient as possible. For Web admins, system admins, network managers, DBAs, etc. this often means...
Italian Job Attack Uses "Commercial" Malware Delivery Platform
Earlier posts in this blog have discussed the professional, business like nature of cybercrime, here is a case in point. Legitimate Web sites in Europe, especially Italy, are being compromised with a combination of simple HTML iFrame code and a...
Cybercrime Getting Worse for Victims, Easier for Criminals
In yesterday's post I talked about speech by Richard Clarke, former cybersecurity czar, in which Clarke argued that cybercrime and industrial espionage is worse than many of use think. Today I thought I'd run down some examples, research and other...
Reporting on Cyberthreats without Fear Mongering
The New York Times and an ABC affiliate in Durham, North Carolina provide a study in contrast on how to report about cyberthreats. The NYT covers the Estonia cyberattacks with details (not too technical though for the non-IT audience): The...
Dump Hijacked ISPs That Don't Patch
Here are more details on the drive-by malware problem taken up in a post last week. The Washington Post's Security Fix blog used some data from StopBadWare.org and did some detailed analysis of IPOWER, a large hosting company found to...
Cybercrime Continues Evolution to More Business-like Model
Symantec's recent report on Internet security includes statistics collected from computers used by customers and the findings are chilling but frankly not unexpected. According to the San Jose Mercury News - Online hacking organized, report says: While the security industry...
Cybercriminal Recruite Like Business
See Marketplace: Computer crime gets organized for a hint of what we are up against when it comes to organized crime. Criminals aren't just recruiting recent college grads, they are going after seasoned pros....
Trends to Watch: Business of Cybercrime
One the trends that became clear at the end of last year was the business-like manner in which attacks are being formulated and launched. Botnets are getting larger, the number of phishing attacks is increasing, and we are more likely...
Cybercrime Just another Job Option for Undergrads?
McAfee is reporting that cybercriminals are now recruiting undergraduates with the technical skills needed to commit online crimes. The security firm based its conclusions, in part, on FBI and European intelligence....
Cybereconomy Spills Over to Real Economy
The underground economy that drives spam, phishing, botnets and the usual litany of malware may be having affect on the "real" economy. According to The Economist, click fraud in online advertising is becoming such a problem that Google and Yahoo!...
Arrests in Card Theft, Phishing
Looking for a silver lining can be a tough job some days in the world of information security and today we may get as close as we will for a while. Today the FBI announced dozens of arrests in the...
Good Cyber-Citizenship or Self-Incrimination?
Some of the most problematic malware these days has a decidedly economic driver behind it. Trojans, keyloggers, botnets and other information stealing and resource controlling malware are the foundation for a underground cyber economy where credit card numbers and PayPal...
Feed Subscription
If you use an RSS reader, you can subscribe to a feed of all future entries tagged 'cybercrime'. [What is this?]
