Hundreds of thousands of Web sites -- including several at the United Nations and in the U.K. government -- have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors' machines. On Thursday, Spanish anti-virus vendor Panda Security said that it had alerted Microsoft that a flaw in IIS was the cause of all the break-ins.
According to Finnish anti-virus maker F-Secure, the number of hacked Web pages serving up malicious software from this attack may be closer to half a million. Washington Post - United States
Chinese hackers targeted the Indian embassy computers in Beijing on Thursday. Official sources confirmed these attempts but say classified information has not been compromised.
"No website is 100 per cent safe. There are websites with high level of security but there is always some weakness," says China's cyber hacker Xiao Chen, who boasts two of his colleagues have hacked into the Pentagon. CNN has no way of verifying that. CNN-IBN - New Delhi, India
With all the cyber spies and state-sponsored hackers on the Internet, is there any way to defend ourselves? Critics say not completely -- yet this article claims that classified orders from President Bush say to cope with the hacking onslaught by literally disconnecting from the Internet. The feds are closing as many Internet ports as they can. BusinessWeek - USA by Keith Epstein ...
Cyber criminals in the real world have their own version - fast flux - to hide the location of phishing and spamming sites and illegal malware. Trend Micro says "They are definitely on the rise, and make it even more difficult for web users to be protected." Sydney Morning Herald - Sydney, New South Wales, Australia
As might be expected, email users are beginning to see the first stages of what is expected to be a major phishing attack capitalizing on the populace's eager expectation of IRS refund checks, as well as the Bush administration's economic stimulus payment distribution, scheduled to begin May 2. Similar to other iterations of this scheme, this one also has an IRS logo at the top of the message copied directly from the IRS website, according to an entry on the MX Logic IT Security Blog.
Also see this post by William Jackson, who provides this link to an actual example of the first "IRS Phish" version to appear ...
[Quote] As has been common with most of the government agency spoofs that we have seen over the past year, this one has an IRS logo at the top of the message that is being pulled directly from the IRS web site at irs.gov.
> The fastest and easiest way to receive your refund is by
> direct deposit to your checking/savings account.
> Please click on the link and fill out the form and submit
> before April 24th, 2008 to ensure that your refund will
> be processed as soon as possible.
[End Quote] SC Magazine US - USA
Security firm RSA has warned that the software kit behind half of the world's phishing attacks has been upgraded. The tool has been very successful, using innovations including unique URL generation to defeat blacklists. The fake phishing pages now include a Trojan dubbed Zeus, so that once a victim's financial data has been harvested the Trojan allows the computer to be controlled remotely.
See: INFOSEC VIDEO: Interview with Ed Gibson, chief security advisor at Microsoft UK ... "The victim is duped into visiting a phishing site," said Uriel Maimon from the RSA 24x7 Anti-Fraud Command Center. VNUNet.com - UK
When it comes to the Internet, consumers are also not doing enough to avoid falling victim to scams such as phishing -- Internet-related fraud is big business. While the introduction of chip and PIN technology has driven face-to-face fraud down, criminals are increasingly turning to cyberspace. Reuters UK - UK
As phishing attacks get tougher, PayPal is working on preventing this phenomenon by blocking older browsers or browsers with no anti-phishing features from accessing their website.
This Slashdot article reports: PayPal Denies It Will Block Safari... "Despite reports that PayPal may drop support for Apple's Safari browser because it lacks anti-phishing features, PayPal now says it ain't so." The New Nation - Bangladesh
Just when users think there are no new ways to spam under the sun, a new method emerges. This time, the phishing attack is under the guise of a meeting invite via Google agenda.
The invite is inserted right into your Google calendar, according to experts at the SANS Internet Storm Center. All the attackers want is a mere $150 non-resident tax in return for $1.2 million, sent directly to you. Tempting indeed. But don't be fooled. CRN - Manhasset, NY, USA
There's always a new wrinkle, but one that's just begun to surface is particularly insidious. E-mails personally addressed to a company's chief executive, containing fake subpoenas, and asking the person to click on a link to access court documents. The problem is that the link installs a Trojan on the businessman's computer. By Christopher Nickson, Digitaltrends.com - Lake Oswego, OR, USA
"The use of social networking websites in phishing attacks is symptomatic of the trend towards targeting people rather than their computers or laptops because users are the weakest link in internet security. As a result, personal information, confidential data or corporate dossiers stored insecurely face the risk of being corrupted or stolen. The 2007 Internet Security Threat Report (ISTR) revealed India had a whopping 32,502 bot-infected computers and over 60 command and control servers, which is an increase of 50 percent over the previous study in 2006. Sify - Chennai, Tamil Nadu, India
Last week, Larry Lessig gave a talk at an FCC event at Stanford that makes a good jumping-off point for my ongoing series on network neutrality. In my previous installment, I made the point that both sides of the network neutrality debate have a tendency to over-estimate the ability of network owners to exert control over how their networks are used. Lessig certainly makes this assumption. He claims that "owners have the power to change [the Internet's architecture], using it as a tool, not to facilitate competition but to weaken competition." from the network-neutrality dept
At last week's FutureNet conference one of the three major topic areas was the future of the Internet. Nemertes Research, the host of FutureNet, brought a very impressive group of Internet experts to the conference to discuss the issue.
#1 - We are running out of IPv4 space (we knew that).
#2 - The global Internet routing table is too big now and getting bigger fast. Michael Morris