VB Migration

Tag: isp

  • VB2019 presentation: Targeted attacks through ISPs

    In 2019 we saw an increase in the number of targeted malware infections spread via ISPs and service providers. Some notable cases included the installation of digital certificates in the target’s browser, which would help the attackers to distinguish and decrypt traffic, and the spread of malware via HTTP 307 redirects by the StrongPity group.…

  • Hot FinSpy research completes VB2017 programme

    The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…

  • Hot FinSpy research completes VB2017 programme

    The infamous FinSpy (or FinFisher) government spyware has managed to keep a low profile in recent years, though its use of two Microsoft zero-days ( CVE-2017-0199 and CVE-2017-8759 ) this year shows that it is still active. Today, researchers from ESET have published new research which points to the spyware using a different infection method:…

  • South Korea to ask ISPs to block port 25 traffic

    Experts sceptical about long-term effects on spam levels. South Korea intends to require ISPs to block all outbound traffic on port 25 from anything but the “official” mail servers, hoping to help the global fight against spam and to improve the country’s reputation as a spam-friendly country. The blocking of port 25 has long been…

  • DNS poisoning attack targeting Brazilian customers

    ISP employee suspected of changing DNS cache. Millions of Internet users in Brazil may have been exposed to malware after the DNS caches of their ISPs were modified to redirect them to servers controlled by cybercriminals. DNS (Domain Name System) is the system used by computers on the Internet to resolve domain names (e.g. www.virusbtn.com…

  • MAAWG unveils spam and botnet battling policies

    Working group of ISPs and net operators issue traffic calming guidelines. Global collaboration body the Messaging Anti-Abuse Working Group (MAAWG) has ratified a set of guidelines developed by groups of members from around the world, and approved at a recent group meeting, aimed at combating botnets and spam at an ISP level. The guidelines focus…

  • EU agency research advises sweeping security improvements

    ISPs and developers should be held to account, says report. A research paper commissioned by the European Network and Information Security Agency (ENISA) has called for major changes to the way security is currently handled, advising tighter regulations for developers and ISPs and the foundation of an independent agency to monitor cybercrime. The paper, prepared…

  • Five ISPs hosting a third of malware, says study

    StopBadware survey finds small group of ISPs most to blame. In a recent study of almost 50,000 sites known to be hosting malware, five ISPs have been identified as repeat offenders, between them hosting over 17,000 infected pages. The study, carried out by StopBadware.org , the international group of malware fighters founded in collaboration between…