Zeus botnet dealt a blow as ISP Troyak knocked out: Via Computerworld Cybercrime/Hacking News.

Internet service providers linked to the notorious Zeus botnet have been taken down, knocking out a third of the command-and-control servers that run the network of hacked machines.

Two ISPs, named Troyak and Group 3, were home to 90 of the 249 known Zeus command-and-control servers. Zeus Tracker, a Web site that tracks the botnet, noticed the steep drop in servers on Wednesday morning.

The Troyak network was itself an upstream provider to six networks, known to host a large number of cybercrime servers, including Web sites used in drive-by attacks and phishing sites, according to Kevin Stevens, a researcher with SecureWorks. "There's lots of Zeus and Fragus exploit kit [sites]," he said. Whoever was behind the takedown "just decided to knock out a large area of cybercirme, and this was probably one of the easiest ways to do it." [ Read more ... ]

EU has doubts as ISP rolls out DPI for copyright enforcement: Via Law & Disorder Section - Ars Technica.

Back in November, UK ISP Virgin Media announced that it would start using deep packet inspection gear to start riffling through user traffic. The goal was to search some of the leading P2P networks in order to measure copyrighted material passing through them. Today, the European Commission indicated that the plan is problematic, and it will keep a close eye on the trial. [ Read more ... ]

Judge Refuses to Lift 5-Year-Old Patriot Act Gag Order: Via Threat Level.

A federal judge on Tuesday declined to remove a gag order imposed on the president of a small ISP who wants to reveal the contents of a national security letter he received from the FBI.

The NSL demanded the president of the New York company provide the government with e-mails from a customer the government deemed a threat. An NSL, a type of self-issued subpoena fortified by the Patriot Act, allows the FBI to obtain telecommunication, financial and credit records relevant to a government investigation without a court warrant.

The case last hit the courts in December, when the 2nd U.S. Circuit Court of Appeals, in a decision with Sonia Sotomayor in the majority, narrowed the standard by which recipients of NSLs must keep mum.

Those supplying the requested data to the government are forbidden from disclosing their mandatory cooperation, and face up to five years in prison for breaching the gag. The government issues about 50,000 NSLs each year, and an internal audit showed widespread government abuse in connection to them. [ Read more ... ]

ISP filches open WiFi in fight against three-strikes law: Via Law & Disorder Section - Ars Technica.

One of the arguments against disconnecting repeat Internet copyright infringers is that an IP address doesn't reveal anything about who actually did the infringing. People who run open or insecure WiFi networks, for instance, might well have "infringement" correctly associated with their IP address when other people use the connection—but how is it fair to disconnect or sanction them? [ Read more ... ]

Congress Is Losing Its Chance To Reform The Patriot Act: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

(Originally posted on Huffington Post.)

Tomorrow the Senate Judiciary Committee will continue its debate over a bill that reauthorizes three Patriot Act provisions due to expire on December 31. The bill, The USA PATRIOT Act Sunset Extension Act, includes minor tweaks to the Patriot Act but does not go nearly far enough to thoroughly protect the Fourth Amendment rights of Americans.

The Patriot Act is a reactionary law. It was passed 45 days after 9/11 with virtually no debate and granted the government sweeping surveillance powers including the ability to conduct secret searches of Americans’ homes without warrants or even the presence of the resident.

Easily one of the most dangerous powers handed over in the Patriot Act was the expansion of the National Security Letters (NSL) statute which allows the government to demand a huge variety of our information (medical records, tax records, books we borrow from the library, etc.) from recipients like Internet service providers (ISP), financial institutions, and libraries without any proper judicial oversight. Oh, and it contains a gag order for recipients. The Department of Justice Office of the Inspector General has released two consecutive reports in the last several years detailing the FBI’s flagrant and systemic misuse of the NSL statute. [ Read more ... ]

ISP Filters & Copyright Extension Defeated In EU - Via Slashdot: Your Rights Online:

I Don't Believe in Imaginary Property writes "Last November, EU regulators in the European Parliament's Committee on Culture and Education began looking at how culture affects the economy and recommended a 'balance between the opportunities for access to cultural events and content and intellectual property' saying that 'criminalizing consumers so as to combat digital piracy is not the right solution.' Industry lobbyists, of course, immediately sprang into action to try to turn that around, writing amendments that would set up mandatory ISP copyright filters and extend EU copyrights to match the USA's life-plus-70 term. Thankfully, the committee rejected all of those amendments: 'Clearly, they're not going to let the ITRE or the European recording industry push them around, which is great news for Europeans. Now if we could only get the US Congress to show as much spine as the French (ouch).'"

(Read Original Article - Via Slashdot: Your Rights Online.)

Large Asian Country Hires Firms to Build Nationwide ISP and Phone Surveillance System:

Two little known companies in the Homeland Security Complex announced they have landed a contract with an unnamed major Asian country to design and install a country-wide data retention system capable of storing and searching trillions of internet and phone transactions. [ Read more ... ]

Australia to Offer Widespread ISP-level Filtering: "Phurge writes 'According to a Sydney Morning Herald article, the Australia government has decided to take the controversial step of having internet service providers filter web content at the request of parents, in a crackdown on online bad language, pornography and child sex predators. 'The more efficient compulsory filtering of internet service providers (ISPs) was proposed in March last year by the then Labor leader, Kim Beazley. [ Read more ... ]

Ruling Endangers Privacy in Email and IP Addresses: "

The Ninth Circuit recently held [PDF] in US v. Forrester that the Fourth Amendment does not protect against government surveillance of the to/from addresses of one's email messages, the IP addresses of websites one has visited, and the total volume of information transmitted to or from one's ISP account. [ Read more ... ]

ISP Seen Breaking Internet Protocol to Fight Zombie Computers -- Updated: "

Internet service provider Cox Communications'is reportedly diverting attempts to reach certain online chat channels and redirecting them to a server that attempts to remove spyware from the computer.''By doing so the'company seems to be attempting to'cleanse computers of malware that hijacks the computers resources to send spam and participate in online service attacks as part of a large network of compromised computers known as a botnet.'

Specifically, Cox's DNS server'is responding to a domain name request for an Internet Relay Chat server. Instead of responding with the correct IP address for the server, Cox sends the IP address of its own IRC'server (70.168.70.4).' That server then sends commands to'the computer that attempt to'remove malware.'

The resulting chat'session, as reported to a network administrator mailing list, looks like this:' [ Read more ... ]

Email Protected by 4th Amendment, Court Says: "

The Sixth Circuit Court of Appeals ruled yesterday, in Warshak v. U.S., that people have a reasonable expectation of privacy in their email, so that the government needs a search warrant or similar process to access it. The Court’s decision was swayed by amicus briefs submitted by EFF and a group of law professors. [ Read more ... ]

Slashdot | ISP Closes Webmail After Spammers Get Addresses: "An anonymous reader writes "Error prone British ISP PlusNet, who you might remember for accidentally deleting 700GB of customer's e-mail last year, have done it again with a major security gaffe.

Their webmail service was compromised this week, and spammers got hold of customers' e-mail addresses who they've been happily spamming away ever since. They've since made the decision to close their webmail service, in the ultimate admission of incompetence for the now BT owned ISP. [ Read more ... ]

RIAA Secretly Tries to Get ISP Subscriber Info: NewYorkCountryLawyer writes "In an attempt to change the rules of the game, the RIAA secretly went to a federal district court in Denver with an ex parte application. The goal was to get the judge to rule that the federal Cable Communications Policy Act does not apply to the RIAA's attempts to get subscriber information (pdf) from cable companies. [ Read more ... ]