Within many organisations offering online services to the public, there must be a great temptation to expire redundant user accounts that occupy desirable user IDs but which are never used by their users. Presumably the user IDs have been registered by someone, used on a couple of occasions, and then forgotten about. Expiring and recycling these user IDs and offering them to new users allows the organisation to better manage the quantity of unique User IDs, and also allows new users to potentially own the user ID that they desire.
On 20th June, Yahoo! announced that they will be expiring user IDs that have been unused for over 12 months in order to offer them to users.
“you want a Yahoo! ID that’s short, sweet and memorable, like firstname.lastname@example.org instead of email@example.com”, described Jay Rossiter, SVP of Platforms at Yahoo! .
Yahoo! is not the only webmail provider that expires inactive users and recycles their email addresses. Recently, researchers at Rutgers University identified that Hotmail also reissues email addresses that have been dormant for some time . Yahoo! should be applauded for publicly raising the issue, describing their criteria for expiring accounts, and calling for users to access their accounts if they wish to prevent this happening. Read More »
Tags: email, TRAC
It is not new that people are referring to Bring Your Own Device (BYOD) as Bring Your Own Malware (BYOM). In 2012 alone, Android malware encounters grew 2,577 percent (for details, see Cisco’s Annual Security Report). Many organizations are struggling to keep up with the BYOD trend by allowing employees to bring their favorite gadgets to the office to increase productivity and employee satisfaction. However, they are also struggling when trying to protect critical corporate assets, user’s data, and intellectual property in their employees’ mobile devices. Read More »
Tags: byod, Cisco Live 2013, Cisco Live Orlando, Cisco Security, cisco sio, malware, mobility
UPDATE: This blog post is related to the redirection of domain name servers that occurred back in June 2013. This post is NOT related to the ongoing activity occuring July 16, 2013. Cisco TRAC is currently analyzing the ongoing issues with Network Solutions’ hosted domain names and has more information available here.
Multiple organizations with domain names registered under Network Solutions suffered problems with their domain names today, as their DNS nameservers were replaced with nameservers at ztomy.com. The nameservers at ztomy.com were configured to reply to DNS requests for the affected domains with IP addresses in the range 188.8.131.52/24. Cisco observed a large number of requests directed at these confluence-network IP addresses. Nearly 5000 domains may have been affected based on passive DNS data for those IPs.
Traffic hits to 184.108.40.206/24
Read More »
Tags: dns, TRAC
Are you thinking about the evolving threat landscape? You should be. Each day, new vulnerabilities are found and new exploits are crafted. Attackers are becoming increasingly sophisticated, while industry trends such as cloud computing and mobility are rapidly expanding the attack surfaces. Your mobile device could act like a Trojan horse, passing right through your network perimeter. Or your compromised server could spread an infection to your most sensitive assets.
This is the first in a series of blog posts that focuses on how Cisco stays ahead of the latest security threats. Of course, to stay on top of something as fast changing and widespread as security threats, you need to understand them in great detail.
And that’s what the Cisco 2013 Annual Security Report (ASR) and Cisco Security Intelligence Operations (SIO) offer. Read More »
Tags: analytics, cisco annual security report, Cisco Security Intelligence Operations, evolving threat landscape, infographic, intelligence graph
Back in the old days, when security was much more of an afterthought, it was obvious that miscreants were familiar with the principle of least effort. Information security was still in its Wild West days. Managed disclosure and patching did not really exist. Most companies were just coming to realize they would need to put some effort into securing their assets. I was tasked with most of the security deployments and forensic investigation at a startup hosting company. We had a lot of bandwidth (at the time) and a lot of poorly managed servers. You could watch our gateway and know when a new vulnerability was discovered in the underground. You could see miscreants scanning for a specific service in a specific network. Miscreants had done their homework, and knew where the vulnerable hosts resided. This targeting was efficient. Sure enough, hosts would start being compromised and a few days later some sort of official disclosure would happen detailing the vulnerability the miscreants had been scanning for. Read More »
Tags: botnet, brute force, Cisco Security, cisco sio, WordPress