- M3AAWG Mobile playlist on YouTube
- Selected Training Videos (also available on www.youtube.com/maawg)
- Selected Keynote Videos (also available on www.youtube.com/maawg)
1
Below are the M3AAWG published materials related to our work on preventing and mitigating malware. There is also a Mobile video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.
Best Practices
PDF
September 30, 2019
M3AAWG Tutorial on Third Party Recursive Resolvers and Encrypting DNS Stub Resolver-to-Recursive Resolver Traffic
This paper provides basic information on the benefits and potential issues with encrypting DNS traffic for both end-users wanting to implement encrypted DNS on their personal devices or home broadband networks and for ISPs or enterprise administrators considering it for their corporate networks, including recommendations for M3AAWG members and the online anti-abuse eco-system. The companion document “M3AAWG Companion Document: Recipes for Encrypting DNS Stub Resolver-to-Recursive Resolver Traffic” provides detailed instructions and processes.
PDF
September 29, 2019
M3AAWG Companion Document: Recipes for Encrypting DNS Stub Resolver-to-Recursive Resolver Traffic
This paper includes detailed instructions on how to install and configure a third party encrypted DNS service on Mac OS X, MS Windows, iPhone, Android and a standalone Raspberry Pi. It is a companion document to the “M3AAWG Tutorial on Third Party Recursive Resolvers and Encrypting DNS Stub Resolver-to-Recursive Resolver Traffic,” which outlines the benefits and issues with encrypting DNS traffic.
PDF
May 06, 2019
LACNOG-M3AAWG Joint Best Current Operational Practices on Minimum Security Requirements for Customer Premises Equipment (CPE) Acquisition
This document identifies a minimum set of security requirements that should be specified when ISPs purchase customer premise equipment to ensure that the CPE has a secure default configuration and a secure remote management and update mechanism. These joint best practices were developed by LACNOG (Latin American and Caribbean Network Operators Group) and M3AAWG, and is the product of LACNOG's original drafts by its working groups LAC-AAWG (Latin American and Caribbean Anti-Abuse Working Group) and BCOP Working Group, in cooperation with M3AAWG members, Senior Technical Advisors and the M3AAWG Technical Committee.
PDF
March 31, 2017
M3AAWG Password Managers Usage Recommendations
Most users struggle to manage a large number of usernames and passwords. While password managers have both proponents and detractors, these recommendations reflect the general consensus of the industry.
PDF
February 28, 2017
M3AAWG Password Recommendations for Account Providers
Passwords are used virtually everywhere. This document provides password requirement recommendations for ISPs and other providers and briefly describes the risk model of using passwords to provide authorized or secure access to resources. It aims to improve end-user security by encouraging strong passwords.
Pages
Public Policy Comments
November 16, 2011
MAAWG Comments on the Draft Final Report of the Internationalized Registration Data Working Group
Submitted to ICANN in November 2011
Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/
November 12, 2011
MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware
Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.
September 12, 2011
MAAWG Comments on National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan
MAAWG submitted comments in September 2011
The comments were submitted to the National Institute of Standards and Technologyon its draft NICE plan.
September 06, 2011
MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime
MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
The committee's inquiry covered a variety of questions related to malware and cyber-crime.
November 13, 2010
MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet
MAAWG comments were submitted November 2010 in response to the DoC request.
The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.
Pages
DM3Z Blog
Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group
None at this time.
News
News Releases
HTML
February 20, 2020
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Celebrates Jerry Upton’s 15 Years as Executive Director at the 48th General Meeting
HTML
February 18, 2020
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Recognizes Cristine Hoepers of CERT.br with Mary Litynski Award
HTML
October 31, 2018
First Japan Anti-Abuse Working Group General Meeting Shares M3AAWG Work with Emphasis on Regional Issues
Pages
Articles About M3AAWG
HTML
November 19, 2019
Louisiana spurns attempted ransomware attack, governor says
https://www.scmagazine.com/home/security-news/ransomware/louisiana-spurns-attempted-ransomware-attack-governor-says/
Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to election integrity for cities and states.
HTML
November 15, 2019
3 Cybersecurity Threats Facing Campaigns in 2020
https://www.campaignsandelections.com/campaign-insider/3-cybersecurity-t...
Seth Blank, co-chair of M3AAWG’s Election Security Special Interest Group, comments on threats to elections, including SIM jacking, domain spoofing and email hacking.
HTML
November 13, 2019
JPAAWG 2nd General Meeting
https://internet.watch.impress.co.jp/docs/interview/1217983.html
The Japan Anti-Abuse Working Group (JPAAWG) cooperates with M3AAWG to examine and implement measures against a wide range of email and messaging attacks, such as spam, malware and DDoS.
HTML
October 09, 2019
Twilio Joins Anti-Abuse Working Group
https://www.technologybusinesstoday.com/news/article/twilio-joins-anti-abuse-working-group
Twilio announced that it joined M3AAWG, the premier industry group dedicated to combating bots, malware, spam, viruses, denial-of-service attacks and other online exploitation.
HTML
October 07, 2019
Technology, law, and the world to protect the Internet: Interview with the standards organization JPAAWG
https://www.atmarkit.co.jp/ait/articles/1910/07/news010.html
Japan Anti-Abuse Working Group (JPAAWG) launched in May 2019 and works with M3AAWG to focus on Internet security in Japan. ITmedia spoke with Mr. Shuji Sakuraba and Mr. Nobuhiro Suemasa of JPAAWG about the group’s work, including collaboration with M3AAWG.
Pages
Videos
