French news website Numerama reports that a huge amount of files has been deleted from world’s largest content streaming site MegaVideo. Since then, the number of dead links on streaming site eMuleIsland has increased tenfold.
Archive for 2011/01/14
HostExploit is pleased to present the Q4 2010 end of year report on the Top 50 Bad Hosts and Networks as part of a continuing series on worldwide cybercriminal activities. The emphasis this quarter is on the repeat offending of some hosting providers.
Internet service providers and botnet mitigation: ISPs can play a crucial role but the economic incentives under which they operate will make them reluctant to take on that rolePosted: 2011/01/14 in Cybercrime, Education / Awareness, Enforcement, Network Security, New Business Models, Public Policy, Stats / reports
In the period under study, January 2009 to June 2010, we identified around 1.1 million IP addresses that indicated the presence of an infected machine in the Netherlands. Around 900,000 of those were located in the networks of the main Dutch ISPs. This can be conservatively interpreted as 450,000 to 900,000 infected machines.
To put it differently: During 2009, between 5-10 percent of all Dutch broadband subscribers have suffered an infection that made their machine part of a botnet. The data for the first half of 2010 suggests this pattern will hold or get worse for 2010.
In reality, the number of infected machines in the Netherlands is probably significantly larger than our estimates suggest. This is because only a fraction of the infected machines we identified show up in more than one dataset. In other words, there is only a small overlap among the datasets. This suggests that if we would include additional datasets, the number of infected machines we would identify in the Netherlands is likely to be substantially higher.
Dutch ISPs contact around 10 percent of the total number of infected customers in their networks. This low ratio has two main explanations: (1) the ISPs lack intelligence on infected machines – their own data feeds capture much less than the datasets used in the study; (2) ISPs need to be careful to avoid false positives when deciding whether to contact or quarantine a customer, so they cannot act on every single piece of data.
The extent to which the mitigation process is automated – contacting infected customers and, when needed, limiting or quarantining their connection – has a direct impact on the number of customers that are contacted or quarantined. Automation drives down the costs of mitigation.
we also have to acknowledge that ISPs can play a crucial role and that the economic incentives under which they operate will make them reluctant to take on that role. As earlier studies reported, most of the damage of botnets are borne by other actors than the owners of the infected machines or the ISPs that connect them to the Internet.24 Since they do not suffer the full extent of this damage, ISPs and their customers do not have the economic incentives to invest in mitigation at the level that is socially desirable. The cost of mitigation will therefore be a major factor in influencing how much ISPs are willing and able to do in this area
In light of the costs of acquiring and processing this data for use in the mitigation efforts of the abuse departments, it seems worthwhile to explore whether this effort could be pursued collectively. It may be possible to achieve economies of scale by building one platform for all ISPs, rather than each ISP building a platform on its own. A centralized, shared clearinghouse might be an efficient way to drastically improve the intelligence that ISPs are using to protect their networks and customers against modest cost.
Much more: http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2011/01/13/internet-service-providers-and-botnet-mitigation/tud-isps-and-botnet-mitigation-in-nl-final-public-version-07jan2011.pdf
Dutch anti-piracy outfit BREIN managed to pull one of the largest warez scene topsites offline yesterdayPosted: 2011/01/14 in Education / Awareness, Enforcement, Illegal File Sharing
The provider acted based on evidence provided by BREIN, and also handed over the servers to this private outfit. The police were not involved in the takedown, but instead it was the result of information allegedly provided to BREIN by a rogue member. According to the Dutch anti-piracy outfit, the topsite – formerly known as ATS – operated from 12 servers carrying a massive 220 terabytes of data.
What Corruption Looks Like: 87% Of Congressional Reps Supporting Comcast/NBC Merger Got Money From ComcastPosted: 2011/01/14 in Education / Awareness, Stats / reports
Google’s attempt to buy airline fare search company ITA may soon run into another roadblock: an antitrust suitPosted: 2011/01/14 in Education / Awareness, Google, Litigation
ENISA, the EU’s cyber-security agency, launched its investigation on data breach notification rules against a backdrop of steadily rising incident of personal information disclosure breachesPosted: 2011/01/14 in Education / Awareness, Privacy / Data Protection, Stats / reports
DuckDuckGo has compiled a vivid illustrated guide, DontTrack.us, that shows what can happen if you do a Google search for the word ‘herpes’Posted: 2011/01/14 in Education / Awareness, Google, New Business Models, Privacy / Data Protection, Stats / reports
The U.S. ambassador in Iceland, Carol van Voorst, urged Washington to give Iceland’s request “the most careful consideration: we have long-term national interests in the North Atlantic that a negative response would jeopardize.”
She said “it may be more important than we can yet suppose to have the Icelanders remember us as the kind of friend who stands by in fair weather and foul.”
Anonymous: Join us on January 15th for the first in a series of global protests in defense of WikiLeaks and freedom of expression. Stand with us to defend your freedomsPosted: 2011/01/14 in Education / Awareness
Anonymous urges global protests
There seems little doubt that the Wikileaks-released cable describing the opulence of now former president Ben Ali’s lifestyle played a key part in bringing him downPosted: 2011/01/14 in Education / Awareness
The Dutch media NRC and RTL news were given access to 3,000 cables – part of the 250,000 cable Wikileaks collection – by Norwegian newspaper Aftenposten using a back door routePosted: 2011/01/14 in Education / Awareness
The NRC says that while many of the cables are tagged ‘secret’ or ‘confidential’, the collection does not include any with a ‘top secret’ stamp.
Assange’s lawyer in Britain has accused Swedish authorities of secretly planning to extradite the WikiLeaks founder to the United States, in an interview with a German newspaperPosted: 2011/01/14 in Education / Awareness, Enforcement, Litigation, Public Policy
Lawyer Mark Stephens told the weekly Die Zeit that he believed Swedish officials were cooperating with US authorities with an eye to extraditing Assange as soon as the Americans have built a criminal case against him.
“We are hearing that the Swedish are prepared to drop the rape charges against Julian as soon as the Americans demand his extradition,” he said, citing sources in Washington and Stockholm.
If you are used to controlling communications, information and relationships, it’s time to rethink your prioritiesPosted: 2011/01/14 in Education / Awareness, Network Security, New Business Models, Privacy / Data Protection
There is evidence all around us that we are working in a very different kind of environment, where “proprietary” and even “confidential” are elusive concepts. At the same time, it’s not about giving up on information security — data integrity, fraud prevention and security compliance are more important than ever. This is a sometimes contradictory model that presents many challenges for bankers, whether IT or business focused.
The transcript of the 1996 case, when Assange faced charges of computer hacking, was released to The Age yesterday. What that transcript also shows is a young Assange not afraid to speak up to authorityPosted: 2011/01/14 in Cybercrime, Education / Awareness
The charges came five years after Assange hacked into computer servers belonging to RMIT, Northern Telecom, the Australian Telecommunications Corporation and the Australian National University. Assange pleaded guilty to 24 offences before Judge Leslie Ross, who said the crimes were ”quite serious” and ”troublesome behaviour”. Then of Ferntree Gully, Assange was the ”ringleader” of a small organisation of three – himself and two co-accused, described by the prosecutor as being ”looksee” hackers whose motive was ”simply an arrogance and a desire to show off computer skill”. In 1991, the band of three hacked the various computer systems and together compiled International Subversive, an instructional magazine on how to hack and how to phreak (illegal use of telephone systems). It was distributed only among themselves. In 1993 he had set up an internet site for people to access his computer programs, one of which was Best of Security.
Police also found details of hundreds of stolen passwords for networks around the world – along with the dates when he obtained them. Among them were passwords for the US Air Force 7th Command Group in the Pentagon.
Javier Moreno, the editor of El Pais, which published the WikiLeaks logs in Spain, wrote, ‘I believe that the global interest sparked by the WikiLeaks papers is mainly due to the simple fact that they conclusively reveal the extent to which politicians in the West have been lying to their citizens.’Posted: 2011/01/14 in Education / Awareness, Public Policy, Stats / reports
Crushing individuals like Julian Assange and Bradley Manning is not difficult for a great power, however craven.
As Paul Ohm, a former computer crime prosecutor, put it to me, there is a “classic tacit collusion problem” by companies that do not want to compete on privacy and agree among themselves that “the less you know the better.”Posted: 2011/01/14 in Education / Awareness, New Business Models, Privacy / Data Protection, Public Policy
We need to ensure that international decisions involving cyber security are informed by cyber security expertsPosted: 2011/01/14 in Education / Awareness, Network Security, Privacy / Data Protection, Public Policy
Governments, diplomats, businesses and security experts around the world need to have open and honest conversations with each other and work together to mitigate the need for such attacks, as well as identifying ways to combat them.
It is more important than ever that cyber security experts become more involved in policies and relations at a global level, as well as within organisations. We have seen the potential for devastating use of cyber space, and we arm ourselves best to combat these attacks by ensuring our policies, as well as our technology, are informed by security experts. The government takes scientific advice when making scientific decisions. We need a similar pool of cyber security experts who are engaged with the political landscape, who can advise governments on cyber security decisions.
Sun Microsystems co-founder Scott McNealy said, “You have zero privacy, get over it!” And that was before WikiLeaks dumped vast numbers of Pentagon and State Department secret documents into the public domainPosted: 2011/01/14 in Education / Awareness
With WikiLeaks, most crisis experts believe we entered a new era of disclosure threat for all businesses and institutions and there’s no putting the genie back in the bottle. Many think the likely target for leakers will be the sordid, embarrassing and ugly information rather than the financial or trade secrets, but I believe all data’s fair game.
Capitalism cannot prosper and expand in a transparent environment and therefore it has to destroy transparency – WikiLeaks translate into transparencyPosted: 2011/01/14 in Education / Awareness
Blast From The Past. D.I.R.T. spyware exposed on web, its secrets laid bare on an anonymous web sitePosted: 2011/01/14 in Education / Awareness, Privacy / Data Protection
Kevin Poulsen, SecurityFocus 2002-03-14
Software marketed as a computer surveillance tool for law enforcement investigators has its secrets laid bare on an anonymous Web site.
A closely-held software package designed to allow law enforcement agencies to secretly monitor a suspect’s computer turned up on an anonymous Web site in the Netherlands Wednesday, along with user manuals, financial information, contracts and invoices apparently stolen from the company that makes the surveillance tool.
Once installed, the bug can also be controlled with a remote access client, which gives the spymaster the power to browse the target’s hard drive, or run programs on the compromised machine.
The exposed D.I.R.T. files are hosted at the ISP xs4all, under an account that was previously dedicated to an anonymous remailing system maintained by Amsterdam cypherpunk Alex de Joode, who did not answer an email query Wednesday. The top of the Web page quotes Juvenal in asking, “Quis custodiet ipsos custodes?” – “Who watches the watchmen?”
King, Chairman of the House Committee on Homeland Security, asked the U.S. Treasury Department to add WikiLeaks and its founder Julian Assange to its economic blacklist, or sanctions list. Doing so would have given WikiLeaks the same designation as terrorist groups.
On Friday, the Treasury Department said no.
“We do not have evidence at this time as to Julian Assange or Wikileaks meeting criteria under which [Treasury] may designate persons and place them on the” sanctions list, a Treasury representative said in a statement.
It’s just down the street from Facebook’s headquarters, where Zuckerberg reportedly spends 16 hours a day
With China virtually cut off and Western markets maturing, Wikipedia is targeting India first and possibly Brazil next to reach its goal of 1 billion users, Executive Director Sue Gardner saysPosted: 2011/01/14 in Education / Awareness, New Business Models, Stats / reports
“Recently, the Ugg Australia email database was compromised by hackers,” the letter says. “This breach occurred through our email service provider, Silverpop, and a number of major corporations were also victims. No credit card information was compromised. However, some non-financial information you provided may have been accessed.”
Jacob Appelbaum, a security researcher, Tor developer, and volunteer with Wikileaks, reported today on his Twitter feed that he was detained, searched, and questioned by the US Customs and Border Patrol agents at Seattle-Tacoma International Airport on January 10, upon re-entering the US after a vacation in Iceland.
He experienced a similar incident last year at Newark airport.
An archive of his tweeted account from today follows: http://www.boingboing.net/2011/01/12/wikileaks-volunteer-1.html
A large radiology practice in New Hampshire said Wednesday hackers apparently breached a server containing Social Security numbers and medical codes for hundreds of thousands of patients, with the culprits likely rogue gamers looking for bandwidth to play the popular military shoot-’em-up Call of Duty: Black OpsPosted: 2011/01/14 in Cybercrime, Education / Awareness, Organized Crime
The group estimates 231,400 patients might have been affected by the breach.
We’ve looked at removing DRM from iTunes movies and TV shows on Windows, but what about Mac OS X? Here’s how to rip out the DRM and turn that copy-protected M4V file into a regular old MP4 on your Mac.
Distraught Oklahoma University researcher says her stolen MacBook contains years of valuable data on prostate cancer. And no, she didn’t back up.