Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register domains that combine a popular trademark with one or more phrases (e.g., betterfacebook[.]com, youtube-live[.]com). We perform the first large-scale, empirical study of combosquatting by analyzing more than 468 billion DNS records---collected from passive and active DNS data sources over almost six years. We find that almost 60% of abusive combosquatting domains live for more than 1,000 days, and even worse, we observe increased activity associated with combosquatting year over year. Moreover, we show that combosquatting is used to perform a spectrum of different types of abuse including phishing, social engineering, affiliate abuse, trademark abuse, and even advanced persistent threats. Our results suggest that combosquatting is a real problem that requires increased scrutiny by the security community.Comment: ACM CCS 1

REFORMATION OF LAW ENFORCEMENT OF CYBER CRIME IN INDONESIA

Technological progress and the presence of globalization in third world countries including Indonesia has a variety of consequences, this includes the negative impact of increasing cybercrime in Indonesia. Increasing cybercrime in the community with a variety of increasingly sophisticated modus operandi, in reality, is not balanced by the existence of a comprehensive legal umbrella, and also the absence of adequate facilities and pre-facilities is a separate issue in the enforcement of cybercrime cases in a dynamic society. Enforcement weaknesses are the lack of human resources of investigators who understand cybercrime and the lack of means and pre-law enforcement facilities in cybercrime. so it is necessary to increase the HR of the relevant law enforcers as well as the improvement of facilities and pre-facilities related to law enforcement in cybercrime. Enforcement weaknesses are the lack of human resources of investigators who understand cybercrime and the lack of means and pre-law enforcement facilities in cybercrime. So it is necessary to increase the HR of the relevant law enforcers as well as the improvement of facilities and facilities related to law enforcement in cybercrime

VISTA:an inclusive insider threat taxonomy, with mitigation strategies

Insiders have the potential to do a great deal of damage, given their legitimate access to organisational assets and the trust they enjoy. Organisations can only mitigate insider threats if they understand what the different kinds of insider threats are, and what tailored measures can be used to mitigate the threat posed by each of them. Here, we derive VISTA (inclusiVe InSider Threat tAxonomy) based on an extensive literature review and a survey with C-suite executives to ensure that the VISTA taxonomy is not only scientifically grounded, but also meets the needs of organisations and their executives. To this end, we map each VISTA category of insider threat to tailored mitigations that can be deployed to reduce the threat

What's in a Name? Understanding Profile Name Reuse on Twitter

Users on Twitter are commonly identified by their profile names. These names are used when directly addressing users on Twitter, are part of their profile page URLs, and can become a trademark for popular accounts, with people referring to celebrities by their real name and their profile name, interchangeably. Twitter, however, has chosen to not permanently link profile names to their corresponding user accounts. In fact, Twitter allows users to change their profile name, and afterwards makes the old profile names available for other users to take. In this paper, we provide a large-scale study of the phenomenon of profile name reuse on Twitter. We show that this phenomenon is not uncommon, investigate the dynamics of profile name reuse, and characterize the accounts that are involved in it. We find that many of these accounts adopt abandoned profile names for questionable purposes, such as spreading malicious content, and using the profile name's popularity for search engine optimization. Finally, we show that this problem is not unique to Twitter (as other popular online social networks also release profile names) and argue that the risks involved with profile-name reuse outnumber the advantages provided by this feature