Numerous hacks from the Far East sure look like concerted attacks against U.S. military installations, but nobody’s saying for sure… A Wall Street Journal article March 12 described how military networks are increasingly the targets of hackers. The targets are not limited to actual Department of Defense networks, but can also include defense industries and think tanks. More…

Original post by submitnews@thewhir.com (Web Hosting’s Premier Daily News) and software by Elliott Back

While generally lauding ICANN’s effort, experts say that more is needed to address the use of fast-flux hosting by bot herders to rapidly shift their malicious web servers and domain-name servers from machine to machine to evade detection. “People are being impacted because they are trying to shoehorn a solution that doesn’t fit the problem. Where fast-flux causes a problem is when you are trying to police the internet through some outdated mode like honeypotting or blacklisting. That just doesn’t work in this environment,” says one security researcher. More…

CNN is reporting on a secret meeting with three Chinese hackers operating from a bare apartment on a Chinese island — from the report: “They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world’s most sensitive sites, including the Pentagon. In fact, they say they are sometimes paid secretly by the Chinese government — a claim the Beijing government denies.” According to the leader of the group (nicknamed Xiao Chen), “no website is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness.” More…

At a closed-door security summit hosted on Yahoo’s Sunnyvale campus last week, a researcher demonstrated a new technique to more easily identify phishing and other malicious websites. Dan Hubbard, vice president of security research for Websense, showed a tool their researchers have built that detects domains that were automatically registered by machines rather than humans… The tool is reported to have a 99.9% rate of accuracy, and automatically generated domains are reported to represent, to date, over 1 percent of the nearly 1 million domains registered each day — and rising. More…

As you may be aware from recent news reports, traffic to the youtube.com website was ‘hijacked’ on a global scale on Sunday, 24 February 2008. The incident was a result of the unauthorised announcement of the prefix 208.65.153.0/24 and caused the popular video sharing website to become unreachable from most, if not all, of the Internet. The RIPE NCC conducted an analysis into how this incident was seen and tracked by the RIPE NCC’s Routing Information Service (RIS) and has published a case study… More…

By | February 25, 2008 - 8:17 pm - Posted in internet, dns, security

A few hours ago, Pakistan Telecom (AS 17557) began advertising a small part of YouTube’s assigned network. This story is almost as old as BGP. Old hands will recognize this as, fundamentally, the same problem as the infamous AS 7007 from 1997, a more recent ConEd mistake of early 2006 and even TTNet’s Christmas Eve gift 2005. Just before 18:48 UTC, Pakistan Telecom, in response to government order to block access to YouTube, started advertising a route for 208.65.153.0/24 to its provider… More…

Pakistan’s attempts to block access to YouTube have been blamed for a near global blackout of the site on Sunday. Google, the owner of YouTube, blamed the outage on “erroneous internet protocols”, sourced in Pakistan. According to BBC News, the nearly two-hour long blackout was almost certainly connected to Pakistan Telecom and internet service provider PCCW. More…

During the Black Hat DC 2008 security conference, security researchers urged companies and political organizations to put more effort into registering mis-typed versions of their primary domain names. In addition to protecting visitors to websites, this is also to prevent emails from accidentally leaking out… As part of an investigation, researchers from Symantec registered 124 domains consisting of common misspellings of the primary domains of candidates in the U.S. presidential election. As reported, in a strictly controlled experiment, a mail server was used to count the number of email messages sent to the misspelled domains, finding 1,121 connection attempts from 12 distinct IP addresses in a 24-hour period. More…

By | February 14, 2008 - 7:55 pm - Posted in internet, dns, security

Every now and then I get emails from readers of my blog. I mostly reply to them in private, but I recently got one question where I thought my reply might be of general interest. I took the liberty of editing the question somewhat, but in essence it was: “If you have any insight you can share with my class on cyber warfare and security, I would be delighted on hearing it.” In general, I think that it’s an obvious conclusion that both offensive and defensive actions with regard to national telecommunications infrastructure are becoming an integral part of a nation’s security assessments…. More…

The industry is just one multi-million-dollar corporate data breach away from waking up to the serious and often-silent threat of corrupted DNS resolution servers, says DNS inventor Paul Mockapetris. Researchers David Dagon, Chris Lee, and Wenke Lee of Georgia Tech, and Google’s Niels Provos, dubbed the new threat “DNS resolution path corruption,” where malicious DNS servers provide false information in order to send users to malicious sites. More…
