International Telecommunication Union   ITU
Site Map Contact us Print Version
 Wednesday, 03 October 2007

The 7th AfriNIC Open Policy Meeting was held from 23 to 28 September 2007 in Durban, South Africa providing discussions on Internet policy. A presentation, "La sécurité de l'internet: un axe de l'intégration africaine," by Pierre Ouédraogo of the Institut de la Francophonie Numérique (IFN) provides an overview and an African perspective of cybersecurity as well as solutions and recommendations to promote cybersecurity. To learn more about AfriNIC and their activities visit their website.

La septième réunion AfriNIC s'est tenue du 23 au 28 septembre 2007 à Durban, Afrique du Sud, donnant lieu à des discussions sur la politique à suivre pour Internet. La présentation de Pierre Ouédraogo de l'Institut de la Francophonie Numérique (IFN) intitulée "La sécurité de l'internet: un axe de l'intégration africaine" donne un aperçu et une perspective africaine de la cybersécurité ainsi que des solutions et des recommandations destinées à promouvoir la cybersécurité. Pour en savoir plus sur AfriNIC et ses activités, visitez leur site web.

Wednesday, 03 October 2007 16:27:21 (W. Europe Standard Time, UTC+01:00)  #     | 

HKDNR, together with the Office of Telecommunications Authority (OFTA), HK Police Force, Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) and other agencies, dedicates much effort in implementing all possible measures to strike .hk domain names that are related to phishing or spamming sites.

"HKDNR is kept updated daily on a spamvertised domain list so that more comprehensive monitoring can be maintained and immediate action can be carried out against these domains. Any domains that are verified as phishing / spamming will be suspended immediately. According to the information published in mid June in AbuseButler on the top 800 spamvertised domains worldwide over the previous 4 weeks, the number of reports on .hk spamvertised domains accounted for 2.3 % of the total reports received. In early August, the number of reports on .hk spamvertised domains dropped to 0.3 % of the total reports received."

Read the full article at the HKIRC Newsletter (September 2007).

Wednesday, 03 October 2007 08:23:15 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 01 October 2007

The Anti-Malware Engineering Team, the team that builds the core antivirus, antispyware, anti-rootkit, and related technology used across a number of Microsoft products and technologies, posted on their blog recent "Storm" worm statistics based on the latest release of the Malicious Software Removal Tool (MSRT) developed and updated by Microsoft’s Malware Protection Center (MMPC). According to the Anti-Malware Engineering Team, as of 2PM on Tuesday, PDT, 18 September 2007, "the Renos family of malware has been removed from 668,362 distinct machines. The Zlob family has been removed from 664,258 machines. And the Nuwar family has been removed from 274,372 machines. In total, malware has been removed by this month’s MSRT from 2,574,586 machines." It has also been reported that another anti-malware researcher who has been tracking these recent attacks presented data that shows that the team knocked out approximately one-fifth of "Storm's" Denial of Service (DoS) capability on 11 September. No continued decrease was evident though since the first day which was presumably due to a newer version of the software that the criminals behind the deployment of the "Storm" botnet has apparently immediately released.

Read the full article here.

Monday, 01 October 2007 15:44:50 (W. Europe Standard Time, UTC+01:00)  #     | 

A report released by the Living Tongues Institute for Endangered Languages in Oregon talks about the alarming rate of extinction of the world's languages. "While half of all languages have gone extinct in the last 500 years, the half-life is dropping: half of the 7,000 languages spoken today won't exist by the year 2100," according to Slashdot. The NY Times, on its article Languages Die, but Not Their Last Words, adds that "83 languages with 'global' influence are spoken and written by 80 percent of the world population. Most of the others face extinction at a rate, the researchers said, that exceeds that of birds, mammals, fish and plants."

Read Languages Racing to Extinction in 5 Global "Hotspots" further here.
Continue reading the NY Times article on language extinction here.

Monday, 01 October 2007 14:05:27 (W. Europe Standard Time, UTC+01:00)  #     | 

The United Nations Food and Agriculture Organization (FAO) on 28 September launched a new interactive web-based site, underscoring the important role information and communication technology (ICT) can play in promoting agriculture and rural development. Users can exchange experiences, opinions and good practices on the platform,, which was developed by the FAO and its partners.

The platform is part of the Community of Expertise - a global initiative to boost sustainable agricultural development and food security through increased use of ICT –that includes policymakers, rural service providers, development practitioners, farmers, researchers and ICT specialists.

"We are confident that the e-agriculture Community of Expertise will help facilitate further global discussions and decisions facing farmers, Governments and the international community at large related to the role that ICT can have in agriculture and rural development," said the Director of FAO's Knowledge Exchange and Capacity Building Division, Anton Mangstl.

More than 3,400 people from 135 countries participated in an online survey and in virtual forums to help develop the platform.

Although the digital divide is shrinking, only 18 per cent of the global population has access to the Internet. The UN International Telecommunication Union (ITU) estimates that one billion people worldwide - most of whom depend in some way on agriculture for their livelihoods - still lack connection of any kind to ICT.

To access the press release from the United Nations News Centre, click here

For more information on e-agriculture activities related to the World Summit on the Information Society (WSIS), click here

Monday, 01 October 2007 11:32:39 (W. Europe Standard Time, UTC+01:00)  #     | 

Om Malik of GigaOm writes about the popularity of the One Laptop Per Child project among kids and the problem of internet connectivity and infrastructure in the emerging economies. He sites the success and impact of the OLPC project on children in Brazil as expressed by the Brazilian Culture Minister Gilberto Gil on his speech at the Emerging Technologies (EmTech) Conference at MIT. However, the nation is not yet ready to pick up on this demand because of the lack of network infrastructure in the country. "We can’t just distribute computers. We have to build a backbone. Just making the technology accessible is not enough. Technology leads to language, to spiritual dimensions. It’s the whole process that matters. It’s not just one item, computers are not enough," says Gil.

However, John Roese, chief technology office of Nortel (NT), wrote on his blog about OLPC and the concept of hyperconnectivity saying that "while OLPC is not a Nortel product, it is a tool to stimulate the R&D teams to consider new communication models of hyper connectivity, new programming models and new collaboration methods. It also represents a new type of client, as well as new economic and networking models that are possibly a reflection of the future nature of broadband networking."

Read the full article here.

Monday, 01 October 2007 09:20:20 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 27 September 2007

CNN, on their article "Sources: Staged cyber attack reveals vulnerability in power grid," reports on how an experimental cyber attack conducted by researchers caused a generator to self-destruct. CNN captured a video of the generator shaking and smoking, and then shutting down. This new revelation has consequently alarmed the federal government and the electrical industry on the possibilities if such an attack were carried out on a larger scale. "Sources familiar with the experiment said the same attack scenario could be used against huge generators that produce the country's electric power. Some experts fear bigger, coordinated attacks could cause widespread damage to electric infrastructure that could take months to fix." The staged cyber attack, dubbed "Aurora," was conducted in March at the Department of Energy's Idaho lab.

Learn more about the staged cyber attack and continue reading the article here.

Thursday, 27 September 2007 09:50:11 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 26 September 2007

OECD has recently released its September 2007 issue of its newsletter. "OECD Information and Communication Policy News was launched in June 2006. Every quarter, it brings the latest news, statistics and best practice recommendations from the OECD on Information and Communication Policy, including policy for communication infrastructures and services, the information economy, security and privacy, and consumer protection." For more information, visit the OECD website.

Wednesday, 26 September 2007 15:08:55 (W. Europe Standard Time, UTC+01:00)  #     | 

A presentation on the ITU-D Question 17-2/2: Progress on activities for e-services/applications in the world was given on 25 September 2007 by Robert Shaw, head of the ICT Applications and Cybersecurity Division (CYB) of the Telecommunication Development Sector to the ITU-D Study Group 2. The presentation discusses the different e-Application areas in the division such as e-Environment, e-Government and e-Health. More on the CYB ICT Applications activities here.

Wednesday, 26 September 2007 09:08:59 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 25 September 2007

Sophos recently reported on the hefty jail sentences that the pump-and-dump stock spam gang faces today. 47-year-old Michael Saquella (also known as Michael Paloma), 63-year-old Lawrence Kaplan, 38-year-old Henry Zemla and 26-year-old Justin Medlin have all pleaded guilty to being part of an international gang that spammed out fraudulent news stories to create artificial demand in stocks, pumping up the share price of 15 small companies (Beverly Hills Film Studios; Body Scan; Cor Equity Holdings; Courtside Products; eDollars, IFINIX; Integrity Messenger; Latin Heat Entertainment; Motion DNA; PokerBook Gaming; TKO Holding; Trans-Global Holdings; V3 Global; Xtreme Technologies; and Zuma Beach Entertainment) and raising more than $20 million from investors. The four men are now facing between 5-10 years in prison.

"Pump and dump stock campaigns work by spammers purchasing stock at a cheap price and then artificially inflating its price by encouraging others to purchase more (often by spamming "good news" about the company to others). The spammers then sell off their stock at a profit. Sophos experts report that pump-and-dump stock campaigns account for approximately 25 percent of all spam, up from 0.8 percent in January 2005. Earlier this year, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns."

Read the full article here.

Tuesday, 25 September 2007 08:55:09 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 24 September 2007

A presentation on the ITU-D Cybersecurity Initiatives was given today, 24 September 2007, by Robert Shaw, head of the ICT Applications and Cybersecurity Division of the Telecommunication Development Sector to the ITU-T Study Group 17. The ITU Cybersecurity Work Programme to Assist Developing Countries, the ITU-D Study Group Question 22/1, the Self-Assessment Toolkit and the ITU Botnet Mitigation Toolkit were discussed among others. More on the ITU-T Study Group 17 here.

Monday, 24 September 2007 15:27:17 (W. Europe Standard Time, UTC+01:00)  #     | 
 Sunday, 23 September 2007

A story at Slashdot points to a article with a quote from McAfee CEO David DeWalt, who says that cyber-crime has become a US$105 billion business that now surpasses the value of the illegal drug trade worldwide. Despite the increase in government compliance requirements and the proliferation of security tools, companies continue to underestimate the threat from phishing, data loss, and other cyber vulnerabilities, DeWalt said. 'Worldwide data losses now represent US$40 billion in losses to affected companies and individuals each year, DeWalt says. But law enforcement's ability to find, prosecute, and punish criminals in cyberspace has not kept up: "If you rob a 7-11 you'll get a much harsher punishment than if you stole millions online," DeWal remarked. "The cross-border sophistication in tracking and arresting cyber-criminals is just not there."'

Sunday, 23 September 2007 16:31:03 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 21 September 2007

The Consumer Electronics Association (CEA) launched a press release on 19 September 2007 on a study commissioned to investigate the impact of telecommuting and e-commerce on energy consumption, greenhouse gas emissions, and liquid fuel consumption.

The study found that one day of telecommuting - using consumer electronics such as personal computers and wireless networks - would save the equivalent of up to 12 hours of an average household's electricity use in the United States. The findings also indicate that the level of CO2 reduction would be equal to removing 2 million vehicles from the road every year.

To read the study, click here.

Friday, 21 September 2007 18:16:24 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 19 September 2007

The International Trade Centre's e-Trade Development Unit published its latest newsletter today, which highlights the topics as follows:

  • ITC joins the UN Global Alliance for ICT and Development;
  • Mali K7: an African Record Company aims at the Global Market;
  • Training on e-Commerce targets SMEs in Tehran;
  • Interview with Mr. Walid Kooli, e-Commerce focal point in Tunisia;
  • Report from the field: ETDU in Iran;
  • Knowledge Process Outsourcing (KPO) event mobilizes African firms;
  • Helping Developing Countries migrate towards Paperless Trade;
  • Paperless trade - how does it work?
  • Bangladesh designs a strategy for its technology sector.
Wednesday, 19 September 2007 16:28:48 (W. Europe Standard Time, UTC+01:00)  #     | 

The Portuguese Government and the European Commission are jointly organising the fourth Ministerial eGovernment Conference entitled “Reaping the Benefits of eGovernment” in Lisbon from 19 to 21 September 2007.

Topics to be covered during the workshops at the conference include the analysis of experience and results of the e-government initiatives at European level such as:

  • Research and Technological Development in Electronic Government;
  • Public Sector Innovators;
  • eGovernment standards;
  • Benefits for All derived from Electronic Government;
  • Benefits of the electronic infrastructure in e-government, e-health and e-learning.
Wednesday, 19 September 2007 13:24:51 (W. Europe Standard Time, UTC+01:00)  #     | 

The ENISA / CERT/CC Workshop on Mitigation of Massive Cyberattacks is held today, 19 September 2007, in Porto, Portugal. "This workshop will bring together experts from established CERTs with newcomers, project managers and policy makers from the EU Member States. The renowned experts from CERT/CC will organise the program and co-chair the workshop. The program and the discussion this year are dedicated to the topic The role of CERTs in mitigating massive cyber attacks - Cooperation as a key-factor for success." More information on the workshop can be found here. A presentation on The Importance Of Global Cooperation, Tools, Mechanism & Partnerships by Robert Shaw, Head, ICT Applications and Cybersecurity Division, ITU Telecommunication Development Sector is also available online.

Wednesday, 19 September 2007 09:22:38 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 18 September 2007

According to an article in Computer Weekly, Arbor Networks' Third Annual Worldwide Infrastructure Security Report highlights botnets and the increased size of distributed denial of service (DDoS) attacks as a growing threat to ISPs. For the first time, botnets surpassed DDoS attacks as the top threat identified by service providers. [Via ISN]

Tuesday, 18 September 2007 09:03:15 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 17 September 2007

The Washington Post reports on Google's call for new international standards on the collection and use of consumer data. "Peter Fleischer, global privacy counsel for Google, told a U.N. audience in Strasbourg, France, that fragmentary international privacy laws burden companies and don't protect consumers. He argued for an international body such as the United Nations to create standards that individual countries could then adopt and adapt to fit their needs. 'The ultimate goal should be to create minimum standards of privacy protection that meet the expectations and demands of consumers, businesses and governments,' Fleischer said, according to a transcript of the speech provided by Google."

Investigations over Google's privacy practices are currently conducted by the European Union. There have been controversy and criticisms on Google's privacy policies and its planned $3.1 billion merger with DoubleClick, an online advertising broker that sells banner and video ads. Critics argue that the merger which would enable the company to collect information on which sites users visit, would hurt competition in online advertising, and that it would aggregate too much consumer data in the hands of one company. According to Marc Rotenberg, executive director of the Electronic Privacy Information Center and a critic of the DoubleClick merger, "Google, under investigation for violating global privacy standards, is calling for international privacy standards... It's somewhat like someone being caught for speeding saying there should be a public policy to regulate speeding."

Fleischer proposes the privacy framework developed by the Asia-Pacific Economic Cooperation forum, which he refers to as a balance between information privacy, and business needs and commercial interests. However, critics say that the APEC standards are too lenient. Rotenberg adds further that the APEC rules put the burden on consumers, who must demonstrate that a company's privacy policy has harmed them. Guidelines developed in 1980 by the Organization for Economic Cooperation and Development which influenced the European Union's privacy laws and are usually preferred by privacy advocates, generally focus on the violation of privacy as a right rather than a demonstration of harm caused by the violation.

To read the full article, click here.
Read more about Peter Fleischer's views on privacy on his blog.

Monday, 17 September 2007 14:01:03 (W. Europe Standard Time, UTC+01:00)  #     | 

The Wall Street Journal Online reports on the five-year sentence given to Irving Escobar, a ring leader in a TJX Cos. linked credit-card fraud. He "was sentenced to five years in prison and has been ordered to pay nearly $600,000 in restitution for damages resulting from stolen financial information, Florida officials said. The sentencing follows a guilty plea by Mr. Escobar, 19 years old, of Miami, to charges that he participated in a 10-person operation that used counterfeit cards bearing the stolen credit-card data of hundreds of TJX customers to purchase approximately $3 million in goods and gift cards."

Read more on this news article here.

Monday, 17 September 2007 11:22:03 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 14 September 2007

Bruce Schneier has posted an entry on his blog arguing that if we want home users to be secure, we need to design computers and networks that are secure out of the box, without any work by the end users. “There simply isn't any other way.”

Friday, 14 September 2007 21:00:53 (W. Europe Standard Time, UTC+01:00)  #     | 

Interpol proposed on Wednesday the creation of global and regional anti-crime centres to fight criminal activity online and respond quickly to emergency cybercrime alerts. During an international cybercrimes conference in New Delhi, Interpol Secretary-General Ronald K. Noble said that the Internet should not be allowed to become a place where criminals have the upper hand and can escape punishment. Officials from 37 countries discussed identity theft, online bank fraud, Internet gaming and the risks of online terrorist activity during the two-day conference organized by Interpol.

To read the full article, click here.

Friday, 14 September 2007 08:59:56 (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, 13 September 2007

At the first Regional Conference on Literacy taking place in Mali this week, Angola's Minister of Education underlined the importance of literacy skills to foster health prevention in Africa as the Angola Press Agency reported yesterday via All Africa.

In order to reach the objectives of the National Plan of Education for All by 2015, information and communication technologies (ICTs) are now used as tools to promote autodidactic learning and to train citizens on matters related to health primary care, personal hygiene, HIV/Aids and environment.

To read more, click here.

Thursday, 13 September 2007 10:32:18 (W. Europe Standard Time, UTC+01:00)  #     | 

The European Union proposes that internet searches for bomb-making instructions should be filtered and blocked across the European Union. "Internet providers should also prevent access to any site giving instructions on how to make a bomb, EU Justice and Security Commissioner Franco Frattini said in an interview... The EU executive is to make this proposal to member states early in November as part of a raft of anti-terrorism proposals. These include the screening of private data of passengers flying into the 27-nation bloc and the creation of an early warning system to alert police forces to thefts of explosives. Representatives of the Internet industry are meeting the EU on Tuesday, the sixth anniversary of al Qaeda's September 11 attacks on the United States, at a European Security Research and Innovation Forum. The Internet has taken on huge importance for militant groups, enabling them to share know-how and spread propaganda to a mass audience, as well as to link cell members."

Read the full article on Reuters.

Thursday, 13 September 2007 09:38:23 (W. Europe Standard Time, UTC+01:00)  #     | 

InfoWorld has announced the 2007 Bossie Awards for the Best of Open-Source Software. Awards were given to 36 winners across 6 categories. Among the honorees are SpamAssassin, ClamAV and Nessus in security, Wireshark and Azureus Vuze in networking, and ZFS for storage.

Read more of this story at InfoWorld.

Thursday, 13 September 2007 08:50:47 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 12 September 2007

The e-Government Global Dialogue, Citizen-Centric Government: One-Stop Multi-Channel Service Delivery for All, will be held on Tuesday, 18 September 2007, 8:00-10:30 am ET at Room MC2-137, 1818 H Street NW in Washington, DC. It will also be accessible via live webcast.

"The government of the future is a citizen-centric government and the one-stop approach is a quintessential expression of citizen centricity. This seminar, initiated by the Moscow City Government is integral part of Single Window Conference taking place in Zelenograd district of Moscow on Sep 18-20, which will bring together some 300 government officials and other stakeholders from multiple Russian regions as well as the audiences in other transition and developing countries. The seminar will enable policy-makers to get a snapshot of international experience, analyze critical success factors, lessons learned and implementation challenges in citizen service center projects, and explore a symbiotic relationship between the citizen service centres and other service delivery channels. Case studies of citizen service center projects will also be presented, and the following issues will be discussed in more detail: the profile, skills, professional background for one-stop citizen service centers; the legal status / organizational form of citizen service centers; and the relations and linkages between citizen service centers and the government agencies."

More information about this event is available here.
Interested participants may also join via the Live Webcast / Online Discussion.

Wednesday, 12 September 2007 14:24:09 (W. Europe Standard Time, UTC+01:00)  #     | 

John E. Dunn reports on Techworld how the global market for criminal malware operates like a supermarket, complete with special offers and volume discounts, as a security company has discovered. On Panda Software’s latest quarterly report, the going rate for a reasonably sophisticated but generic Trojan is between £175 ($350) and £350 ($700), while the email list with which to target victims for the program costs from £50 ($100) per million names. The malware writers even offer specials – in one case the company discovered a site selling a ‘payment capture’ Trojan for £200 ($400) to the first 100 customers to sign up, a saving of £50 ($100) off the normal rate. "In recent months we have witnessed the growing professionalisation of digital crime," said Panda Software’s lab chief Luis Corrons. "The first step for cyber-crooks was when they started looking for profits from their activity instead of just notoriety. Now they are creating a vast online malware market, where there are even specialised segments. New business models are appearing, as we speak," he said.

Corrons adds that the malware industry now appears to be turning from being just a shop from which malware can be bought, to one where services are offered. For between one and five dollars per executable, malware could be cloaked - encrypted - against the anti-virus software programs it was likely to encounter on a for-hire basis. Finally, criminals could rent spam servers for £250 a time to distribute their assembled malware package, the company said. Corrons also provides details of the cost of hiring DDoS attacks in his blog.

Read the full article here.

Wednesday, 12 September 2007 09:31:16 (W. Europe Standard Time, UTC+01:00)  #     | 

An article on The Economist discusses RBN (Russian Business Company), the threats it poses to global cybersecurity, and the lack of cooperation from the Russian government. VeriSign classifies RBN as "“the baddest of the bad"”. The anonymity of the group and its senior figures who are only known through their nicknames, and the apparent backing of politicians have led to the continuing success of its operations. "'“RBN is a for-hire service catering to large-scale criminal operations,”' says the report. It hosts cybercriminals, ranging from spammers to phishers, bot-herders and all manner of other fraudsters and wrongdoers from the venal to the vicious. Just one big scam, called Rock Phish (where gullible internet users were tricked into entering personal financial information such as bank account details) made $150m last year, VeriSign estimates." Another difficulty RBN poses is its ability to fight back. This had been evident in the Rock Phish attack to the National Bank of Australia in October 2006. After taking active measures against the attack, RBN fought back by taking down the bank’s home-page for three days.

Despite VeriSign having tracked down the physical location of RBN’s servers and the Western law enforcement officers' pressure on their Russian counterparts to pursue the investigation vigorously, RBN remains confident and active. According to VeriSign, "only strong political pressure on Russia will make the criminal justice system there deal with this glaring example of cyber-illegality."

To read the full article, go to The Economist.

Wednesday, 12 September 2007 09:17:38 (W. Europe Standard Time, UTC+01:00)  #     | 

A new mobile system where one makes calls directly between phones, for free, is being trialled by TerraNet, a Swedish company, in hopes of dramatically improving communications in the developing world. "TerraNet has developed the idea using peer-to-peer technology that enables users to speak on its handsets without the need for a mobile phone base station. The technology is designed for remote areas of the countryside or desert where base stations are unfeasible. Projects backed by TerraNet recently launched in Tanzania and Ecuador. The TerraNet technology works using handsets adapted to work as peers that can route data or calls for other phones in the network. The handsets also serve as nodes between other handsets, extending the reach of the entire system. Each handset has an effective range of about one kilometre. This collaborative routing of calls means there is no cost to talk between handsets. When a TerraNet phone is switched on, it begins to look for other phones within range. If it finds them, it starts to connect and extend the radio network. When a number is dialled a handset checks to see if the person being called is within range. If they are, the call goes through. While individually the phones only have a maximum range of 1km, any phone in between two others can forward calls, allowing the distance to double. This principle applied many times creates a mini network. However, TerraNet founder Anders Carlius admitted that this has created big problems with having enough available frequencies. The system can also be used to make calls to other TerraNet mesh networks via a net-connected PC fitted with an inexpensive USB dongle."

Currently, this new system only works with a special handset, but "Mr Carlius said he hopes that it will eventually be a feature available on all phones, like Bluetooth. He said that were this to happen, it could potentially spell the end for the current Global System for Mobile (GSM) communications model which is used by about 70% of all mobile phones." Most large mobile companies seem skeptical at the moment, but according to Mr Carlius, mobile phone manufacturer Ericsson had invested around £3m in TerraNet.

Read the full article on BBC News.

Wednesday, 12 September 2007 08:02:10 (W. Europe Standard Time, UTC+01:00)  #     | 

A Swedish security researcher, Dan Egerstad, has recently revealed how he collected 100 passwords from embassies and governments worldwide by sniffing Tor exit routers. Egerstad explains on his blog how he did it, and calls attention to and re-iterates the lack of appreciation for cybersecurity among organizations worldwide.

Read related article on Ars Technica here.

Wednesday, 12 September 2007 07:58:16 (W. Europe Standard Time, UTC+01:00)  #     | 

Computerworld reports on a worm targeting Windows PCs that is spreading through Skype's instant messenger, making the Voice over IP (VoIP)'s chat software the next target. Dubbed Ramex.a by Skype spokesman Villu Arak, but pegged Pykspa.d by Symantec, the worm takes a typical instant messenger (IM) line of attack: After hijacking contacts from an infected machine's Skype software, it sends messages to those people that include a live link. Recipients who blithely click on the URL, which poses as a JPG image but is actually a download to a file with the .scr extension, wind up infected. Arak also listed instructions for removing the worm from infected PCs, but they included changes to the Windows registry, a chore most users are hesitant to try. Ramex.a/Pykspa.d injects code into the Explorer.exe process to force it to run the actual malware, a file named wndrivsd32.exe, periodically. The worm also plugs in bogus entries in the Windows hosts file so that installed security software won't be able to retrieve updates.

Skype is only the latest IM client to fall victim to hackers. Both Yahoo Messenger and Microsoft Corp.'s MSN/Live Messenger have been targeted this summer. Exploit code designed to hijack Windows PCs running Yahoo Messenger appeared as early as June, and Yahoo has been forced to patch the IM client several times since. Microsoft, meanwhile, has scheduled fixes for its MSN Messenger and Windows Live Messenger software for tomorrow, presumably to quash a webcam bug that was disclosed late last month.

Read more of this article here.

Wednesday, 12 September 2007 07:55:46 (W. Europe Standard Time, UTC+01:00)  #     |