Home M3AAWG Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

M3AAWG 49 Session: IoT Security Testing

Submitted by M3AAWG Content Manager on Jun 01, 2020

Author: Ash Wilson, Co-Chair, M3AAWG IoT Special Interest Group

Gartner forecasts that over 20.4 billion IoT devices will be in use by the end of 2020. These devices, while exciting, present complex security challenges that if produced without proper testing can leave sensitive information exposed to attack. As we continue to introduce new devices to the network, it's imperative that manufacturers and researchers implement testing methodologies that take a holistic view at the IoT device ecosystem to protect the privacy and security of companies and consumers alike.

Categories: 
IoT
Tags: 
IoT

M3AAWG State of the Union: DDoS Attacks

Submitted by M3AAWG Content Manager on May 29, 2020

By Andrew Cockburn, Principal Consulting Engineer, NETSCOUT, and Rich Compton, DDoS Special Interest Group Chair, M3AAWG; Principal Network Security Engineer III, Charter Communications

This is the first installment of M3AAWG’s “State of the Union” series, where members provide updates on prominent, evolving issues and events in the industry. 

Distributed Denial of Service (DDoS) attacks are used by cybercriminals to shut down networks and websites, and targets can range from a single website to major services. Today, we’re seeing an increase in the sheer amount of DDoS attacks, part of a continuous upward trajectory over the past 30+ years.  Further, tactics are rapidly evolving, yet range in sophistication. In turn, experts are constantly working to pinpoint new techniques and mitigate attacks. Generally, once professionals notice or identify a new type of channel or vector, it's a race to patch, resolve, and add mitigations for the new attack vector before its usage becomes widespread. 

Categories: 
DDoS

By the Numbers: The Rise in COVID-19 Related SMS Spam (Member Contribution)

Submitted by M3AAWG Content Manager on May 27, 2020

By Stuart McBride, Head of Threat Intelligence, AdaptiveMobile Security
 

Cybercriminals frequently use major world events, including natural disasters, international conflicts, and political elections, to manipulate vulnerable targets. The latest scheme is focused on exploiting the public’s fear around COVID-19 and the coinciding economic shutdown through SMS spam attacks. Attackers are primarily using messages that appear like legitimate updates to stimulus and relief payments to entice unsuspecting victims into clicking links or providing information.

Categories: 
Mobile
Tags: 
Mobile, fighting spam, COVID-19

Join Us as We Take our 49th General Meeting Virtual

Submitted by M3AAWG Content Manager on May 26, 2020

The global uncertainty created by COVID-19 has left many individuals and organizations vulnerable to online scams and other cyberattacks, making our work and the work of our members, more important than ever. To facilitate anti-abuse collaboration and the development of security best-practices, while ensuring the health and safety of our members, we’re excited to host our 49th General Meeting from June 8-11, 2020 virtually for the first time ever.

Lucy Sanders, CEO and Co-Founder of the National Center for Women & Information Technology (NCWIT), Speaks with M3AAWG about Sharpening Inclusive Leadership Skills

Submitted by M3AAWG Content Manager on May 21, 2020

Author: Janet Jones, M3AAWG Board of Directors Vice Chair; Diversity and Inclusion Chair; and Data and Identity Protection Committee Co-Chair

 

Supporting the development of inclusive leaders and diverse teams is a priority at M3AAWG. Our mission has long been to work together to solve complex cybersecurity anti-abuse challenges, sothe participation from our diverse body of members to reflect the broadest range of experiences is critical to our overall success. 

Q&A: Simon McGarr, Senior Advisor, on GDPR Compliance in 2020 and the Role of M3AAWG

Submitted by M3AAWG Content Manager on May 13, 2020

 

Author: Amy Cadagin (M3AAWG Executive Director)

 

The General Data Protection Regulation (GDPR) was designed to harmonize different data privacy laws across European countries in an effort to protect the privacy and data protection rights of individuals and empower them to better understand and make decisions on who processes their data and in what way.

Categories: 
GDPR Compliance
Tags: 
GDPR

How to keep the bad actors out of your teleconference

Submitted by M3AAWG Content Manager on May 11, 2020


Author: Barry Leiba, M3AAWG Senior Technical Advisor

 

Categories: 
Teleconference, Security
Tags: 
Teleconference, Security

A Q&A w. Our 2020 Mary Litynski Award Recipient

Submitted by M3AAWG Content Manager on Apr 27, 2020

This February, M3AAWG awarded Cristine Hoepers, Ph.D., the general manager of CERT.br, the Brazilian national Computer Emergency Response Team, with the annual Mary Litynski Award. Now in its tenth year, this award honors the memory of Mary and the work she did to shape M3AAWG into the leading organization that it is today, one that is dedicated to fighting online abuse such as malware, DDoS attacks, election security attacks, and more.

Empty Streets, Sleepless Nights and Everyone's Online (Including the Bad Guys)

Submitted by M3AAWG Content Manager on Apr 23, 2020

We're in the middle of a crazy time in history, and if you’re feeling stressed, that's totally understandable. Our hearts go out to those who have been impacted by the virus and we urge you to hang tough. We're going to get through this, and so will you.

We also want to explicitly recognize that even if you're in a part of the country where COVID-19-related impacts have been limited to-date, you're still probably navigating some big changes in your life.

Combatting Political Text Message Abuse: Best Practices for Today’s Digital Campaigns

Submitted by M3AAWG Content Manager on Apr 21, 2020

The United States is facing an unprecedented election season. Instead of in-person rallies and speaking slots, campaigns are now entirely online, relying primarily on digital engagement with voters. Never in history have candidates had so many ways of reaching voters directly or indirectly, the most popular—and effective—is text messaging to mobile devices. However, poor execution and disregard for established guidelines could undermine the potency of this channel. In a time when digital isn’t a nice to have but the only connection to the voting populace, getting it wrong will certainly spell disaster.

Categories: 
Messaging, Elections
Tags: 
Messaging, Elections

Pages

Subscribe to M3AAWG Blog