ISP Security


Using Customer Premise Equipment to Take Over the Internet

It’s the ultimate what-if scenario: What if an attacker could own all the customer premises equipment (CPE) doled out by ISPs, such as routers and modems? Would it be trivial with available scanning equipment and other tools to find vulnerable gear, and then modify and re-upload the firmware to be able to do anything, such as control Web traffic, launch DDoS attacks, or even disconnect large blocks of machines from the Internet?

ISP 3FN.net Shut Down By Feds

A federal judge has permanently pulled the plug on a California web hosting provider accused of harboring a “witches’ brew” of pernicious content on behalf of child pornographers, spammers, and malware purveyors. Read the full article. [The Register]

Net Solutions’ Hack Heightens Role of ISP in App Layer Security

According to research, the malicious iframe used in the latest Network Solutions attack pointed to corpadsinc.com, which then downloads Adobe exploits onto victims’ machines. The hacks raise an issue increasingly being faced by Website owners: what’s the responsibility of the ISP or service or cloud provider to provide more application-layer security?


Security blogger Brian Krebs has compiled lists of the top 10 ISPs that are hosting the worst botnets, spam, phishing, and other malware from independent tracking organizations. These lists come from: Stop Badware, F.I.R.E., Phishtank, Zeustracker, Malware Domain List, Arbor Top ASN List, Emerging Threats Compromised IPs, Emerging Threats RBN, Shadowserver, and Google Safebrowsing. Read the full article. [KrebsonSecurity]

Over the past week, security researchers and vendors have been playing a cat-and-mouse game with a cybercrime-friendly ISP known as TROYAK-AS. The results so far? A series of attempts by the cybercriminals to restore access to their botnet, and an invaluable learning experience for the community, with the gang exposing node after node of malicious activity. Read the full article. [ZDNet]

A network frequently used for malware delivery was shut down Wednesday night, probably against the will of its operators. Troyak.org, an Internet service provider well-known for serving Zeus botnets and other malware delivery methods, went dark overnight, resulting in the shutdown of as many as 25 percent of the world’s Zeus botnets, according to researchers. Read the full article. [Dark Reading]

Japan’s “Cyber Clean Center” is a little-known effort by the Japanese Computer Emergency Response Team Coordination Center (JP-CERT) and a collection of 76 Japanese ISPs covering 90 percent of the nation’s Internet users to fight botnets and other security issues. Read the full article. [KrebsonSecurity]
