Inter-Provider

Is it time to build an “SP Anti-DOS Alliance?”

Is it time to build an “SP Anti-DOS Alliance” is the first of several blogs. It will be a brain dump of what collaborative actions have and has not been working within the industry. Last week, I posted a Linkedin update on the Operator’s Security Toolkit. A long term colleague, Eddie Chan,  pointed out the Read More

checklist-721x407

The Practical Security Checklist – Part 2.1

This is part “2.1” of a multipart post to help organizations take security action. Stay tuned for next week’s practical security checklist item. Board members, CxOs, and professionals are saturated with security advice. This security advice is often confusing, contradictory, and always biased toward “buying something.” “Good security advice saturation” results in paralysis of action. Read More

ripe-ncc

RIPE NCC Responds to the Rove Digital/DNS Changer Re-allocations

RIPE has publicly responded to the surprise felt by members of the DCWG and others involved with the Rove Digital/DNS Changer clean up community. The statement on their web page is as follows: 15 Aug 2012 — ripe ncc As reported in previous announcements, the RIPE NCC will go to court in the Netherlands on Read More

DCWG

Beware! DNS Changer’s IP Blocks are re-allocated and advertised!

As of Friday morning (August 10, 2012), the IP address blocks used by the Rove Digital criminal operations have been re-allocated by RIPE-NCC and advertised to the Internet: http://www.ris.ripe.net/cgi-bin/lg/index.cgi?rrc=RRC001&query=1&arg=85.255.112.0%2F20 http://www.ris.ripe.net/dashboard/85.255.112.0/20 As a reminder, the Rove Digital/DNS Changer Crew used the following IP address blocks for their nefarious activities: 85.255.112.0/20 67.210.0.0/20 93.188.160.0/21 77.67.83.0/24 213.109.64.0/20 64.28.176.0/20 From Read More

FCC

U.S. Anti-Bot Code of Conduct (ABCs) for Internet Service Providers (ISPs) is now posted

The FCC’s Communications Security, Reliability and Interoperability Council’s (CSRIC) has now posted the U.S. Anti-Bot Code of Conduct (ABCs) for Internet Service Providers (ISPs). This voluntary code of conduct is a milestone for the industry – placing new expectations on the eco-system required to safe guard our telecommunications system. The core of the code is Read More

DCWG

DNSChanger – New tool to clean up the infection

DNS Changer (see http://www.dcwg.org/) has been a “thick” piece of malware to remediate. At the start of the take down we have ~600K violated computers. Today we’re at ~400K computers. Not an impressive clean-up record. Why? The operational security community has no effective tools that an average user can use to start cleaning up their Read More

CLDAP Reflection Attacks

2012 – A year of Cyber-Security Optimism

The wave of annual cyber-security predictions of doom are coming to a close. Every year security experts would talk about how malware infections are spreading, botnets are going to cause catastrophic damage, the evil “Chinese peril” are stealing everything on-line, and the next Cyber “Perl Harbor” is just around the corner. Many people just ignore Read More

1200px-Conficker.svg

Conficker – the “Fortunate 500”

Conficker has been a dual edge sword to the industry. On one hand, it a nasty “weapons grade” hijacking malware with nefarious consequences – ranging from a platform for crime to a threat  Global Telecom’s, SCADA, and other critical infrastructure.  On the other hand, it is an example of what cyber-civic society can do when Read More