Networking and Security

Networking and Security group

ICSI on Wired.com

"Hear Ye, Future Deep Throats: This Is How You Leak to the Press"
May 14, 2013  |  Nicholas Weaver, Wired.com

We now live in a world where public servants informing the public about government behavior or wrongdoing must practice the tradecraft of drug dealers and spies. Otherwise, these informants could get caught in the web of administrations that view George Orwell’s 1984 as an operations manual.

ICSI on Cybermum

"Cybercasing- How Sharing Your Pics, Videos and Status Updates Can Get You Into Trouble"
April 30, 2013  |  Alex Merton-McCann, Cyber Security Mum Australia, McAfee

It can be fun ‘checking in’ at your favourite restaurant on Facebook, sharing pics of your hotel room on Instagram or buying and selling items on eBay. In fact – it can give you quite a buzz. But did you know that ‘geotagging’ (sharing your location via your pics or videos) can put you and your possessions at risk??

ICSI in MIT Technology Review

“Most Malware Tied to ‘Pay-Per-Install’ Market”
June 9, 2011  |  Brian Krebs, MIT Technology Review

New research suggests that the majority of personal computers infected with malicious software may have arrived at that state thanks to a bustling underground market that matches criminal gangs who pay for malware installations with enterprising hackers looking to sell access to compromised PCs. Pay-per-install (PPI) services are advertised on shadowy underground Web forums. Clients submit their malware—a spambot, fake antivirus software, or password-stealing Trojan—to the PPI service, which in turn charges rates from $7 to $180 per thousand successful installations, depending on the requested geographic location of the desired victims.

ICSI in InformationWeek

“Inside The Booming Botnet Industry”
September 7, 2011  |  Mathew J. Schwartz, InformationWeek

When running a botnet, attrition is constant, as security software on PCs finds and eliminates the malicious code that turned the PC into a botnet node. Accordingly, many "botmasters" outsource infections to what's known as pay-per-install (PPI) service providers. Going rates for infecting 1,000 unique PCs with malware range from up to $180 in the United States and Great Britain, from $20 to $160 for other parts of Europe, down to just $7 or $8 in parts of Asia.

ICSI in Naked Security

"An Analysis of the Pay-Per-Install Underground Economy"
September 7, 2011  |  Chester Wisniewski, Naked Security

A few weeks ago at the USENIX Security Symposium, researchers Juan Caballero, Chris Grier, Christian Kreibich and Vern Paxson presented their paper "Understanding the Underground Economy," a look into the inner workings of the pay-per-install underground economy. What is pay-per-install? Security researchers use the term to describe one of the most popular malware distribution methods. In the malware economy, criminals have specialized to perform specific services and contract with one another the same as in the legitimate world.

ICSI in Krebs On Security

“PharmaLeaks: Rogue Pharmacy Economics 101"
June 22, 2012  |  Brian Krebs, Krebs On Security

Consumer demand for cheap prescription drugs sold through spam-advertised Web sites shows no sign of abating, according to a new analysis of bookkeeping records maintained by three of the world’s largest rogue pharmacy operations. Researchers at the University of California, San Diego, the International Computer Science Institute and George Mason University examined caches of data tracking the day-to-day finances of GlavMed, SpamIt, and Rx-Promotion, shadowy affiliate programs that over a four-year period processed more than $170 million worth of orders from customers seeking cheaper, more accessible and more discretely available drugs. The result is perhaps the most detailed analysis yet of the business case for the malicious software and spam epidemics that persist to this day.

ICSI in Krebs On Security

“Rogue Pharma, Fake AV Vendors Feel Credit Card Crunch"
October 18, 2012  |  Brian Krebs, Krebs On Security

Security experts are warning that a newly discovered vulnerability in Internet Explorer 8 is being actively exploited to break into Microsoft Windows systems. Complicating matters further, computer code that can be used to reliably exploit the flaw is now publicly available online. In an advisory released May 3, Microsoft said it was investigating reports of a vulnerability in IE8, and that it was aware of attacks that attempt to exploit this bug. The company stresses that other versions of IE — including IE6, 7, 9 and 10 are not affected by the vulnerability. However, all versions of IE8 are vulnerable, including copies running on Windows XP, Vista and Windows 7.

ICSI in Phys.org

“Grant to Help Computer Scientists Understand the World of Cybercrime"
September 25, 2012  Phys.org

Computer scientists at the University of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

ICSI in The San Francisco Business Times

“UC Berkeley Part of $10 Million NSF Study of ‘Human Element’ in Cybercrime"
September 25, 2012  |  Steven Brown, San Francisco Business Times

Experts from the University of California and George Mason University will study the "human element" of cybercrime with the help of a $10 million, five-year grant from the National Science Foundation. The NSF is giving the money to the International Computer Science Institute on Center Street in downtown Berkeley, as well as to teams from UC San Diego and George Mason University.

ICSI in DFI News

“NSF Grant to Help Understand the World of Cybercrime"
September 27, 2012  DFI News

Computer scientists at the Univ. of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

Pages