Tumblr Loses Dispute Over Tublr.com Domain Name

Tumblr,Inc has lost an arbitration case filled with the World Intellectual Property Organization over the domain name Tublr.com .

The World Intellectual Property Organization dismissed Tumblr’s complaint which claimed that it was entitled to the domain name Tublr.com.Tumblr claimed that the domain name is confusingly similar to its trademark for “Tumblr” .

The panel ruled that the domain name Tublr.com has not been registered and used in bad faith by the respondent:

“The Panel notes from the evidence that the website redirected from the Disputed Domain Name was designed to collect personal information while promising the chance to win a prize. However, it is not apparent to the Panel that the website incorporated any content which suggested any affiliation or connection to the Complainants or the trademark TUMBLR, or any other trustworthy entity. There is insufficient evidence in this case before the Panel to establish that the Respondent is using the Disputed Domain Name in a phishing scam.

The Panel also noted that the registration of the Complainant’s domain name on June 8, 2006 pre-dated the registration of the Disputed Domain Name by about nine months. However, the Panel is mindful that the registration of a domain name does not per se impart any trademark rights, or that the world at large becomes imputed with knowledge of such a domain name. It remains necessary for sufficient use and publicity of a trademark to exist before any unregistered trademark may arise. As use of the trademark TUMBLR took place only from February 19, 2007, and no evidence of use or publicity prior to this date is present before the Panel, the Panel is unable to make any finding that the Complainant had unregistered trademark rights as of February 19, 2007for the purpose of these proceedings under the Policy. There is also insufficient evidence before the Panel in this case that the Respondent must have been aware of the trademark TUMBLR, or even the existence of the domain name as of March 27, 2007.”

The domain name is owned by Bai Ling of Chenzhou, Hunan, China.

ICANN Releases IE Results for the next set of applications with priority numbers 500-600 : 81 get a pass

The Internet Corporation for Assigned Names and Numbers (ICANN) release the Initial Evaluation (IE) results for the next set of applications with priority numbers 500-600 .

According to ICANN,81 applications received a passing score,bringing the total number of IDN applications with a passing score to 514 out of 600.

Some of the applications that received a passing score from ICANN this week,include : .Vodka , .Doha , .Spiegel , .Arab , .Cloud , .The Guardian , .Protection , .Polo , .GMBH and .George .

Some of the applications haven’t received any results for one or more reasons,such sa claryfying questions and pending requests.Four new gTLD applications are “Eligible for Extended Evaluation” :

العليان – Application filed by Olayan Investments Company Established LI

MCKINSEY – Application filed by McKinsey Holdings Inc. US

OLAYANGROUP – Application filed by Olayan Investments Company Establishment LI

.PAY – Application filed by DotPay SA

AusRegistry Improves Security For .AU Domain Names

Security for .au domain names just got a whole lot better with the introduction of a new security measure that will provide an added level of protection against website attacks and hijacking, as well as unintended and self-inflicted technical mistakes.

The introduction comes about, in part, following examples around the world of the devastating impact an attack can have on a business.

In an article on the AusRegistry website, George Pongas writes of “a high profile security incident last year in Ireland led to the unauthorised access of Google’s and Yahoo’s Domain Names. In this case, the nameserver delegation information was maliciously changed to redirect all visitors from the google.ie and yahoo.ie websites to other fraudulent websites, significantly disrupting business operations and damaging the brands’ reputation.”

And Pongas adds that it is for these reasons that he is “proud AusRegistry has got on the front foot and launched a new security measure that will allow .au Domain Name owners to lock their domain’s nameserver delegations and prevent changes other than by pre-authorised Registrars with authenticated access.”

Continuing on, Pongas writes the news service is called .auLOCKDOWN, and is a new Registry level security protocol that will allow .au Domain Name owners to lock their domain’s nameserver delegations and prevent changes other than by pre-authorised Registrars with authenticated access keys.

“While a rare occurrence, cyber attackers can attempt to hijack websites by infiltrating Registrar servers or by fraudulently posing as an authorised employee. While Registrars already have measures in place to counter this type of threat, examples such as the Google and Yahoo incidents demonstrate that another level of protection is warranted for high profile targets.

“.auLOCKDOWN has been developed to add an additional layer of authorisation at the Registry level that protects Domain Names in the unlikely event of a Registrar security incident or website hack that leads to unauthorised access to confidential data and systems. It also stops mistakes from occurring within an organisation, where Domain Names are accidentally updated by employees. This last point is perhaps the most frequent and likely incident to occur. Although innocent in origin, the impact can be just as significant and damaging as those with a malicious origin.

“.auLOCKDOWN provides the added level of protection that I know many CIOs for the largest companies in Australia are looking for. It’s about creating redundancy to deliver multiple layers of protection.

How .auLOCKDOWN works

The namesever details of a .au Domain Name locked through .auLOCKDOWN will only be accessible to authorised individuals through the following strict protocols:

Registrants must first contact their accredited .au Registrar and request a change.
Following this initial contact, the Registrar will begin a strictly controlled authentication process between the Registry and Registrar. This protocol has been purposefully designed to involve manual processes and human-to-human contact.
Only the Registrar’s authorised contact(s) can lock, unlock, and relock a Domain Name with .auLOCKDOWN and these contacts will be verified by the Registry at each request.
After successfully completing the authentication process, the .auLOCKDOWN is temporarily removed from the domain, the required updates are made, and then the domain is re-locked with .auLOCKDOWN.

More information about .auLOCKDOWN can be found here. An FAQ on .auLOCKDOWN is located here.

APWG Report: Cybercriminals Perfect Mass Attacks on Server Farms to Mount Phishing Blitzkriegs

[news release] A new phishing survey released by the Anti-Phishing Working Group (APWG) at its conference this week reveals that phishers are breaking into hosting providers with unprecedented success, using these facilities to launch mass phishing attacks.

Using this method, a phisher hacks into a web server that hosts a large number of domains – a “shared virtual server” – and plants phishing attacks on every domain name on the server. This allows the phisher to subvert hundreds or even thousands of Web sites at a time. The number of phishing attacks worldwide rose due to these break-ins, with attacks involving shared virtual servers representing 47 percent of all phishing attacks recorded worldwide in the second half of 2012.

“Breaking into hosting facilities is a high-yield activity for phishers,” said Rod Rasmussen, President & CTO of IID, and a co-author of the study. “This activity is part of a larger trend — we also see criminals hacking into shared hosting and using those servers for other malicious activities, such as launching denial-of-service attacks, infecting the computers of the legitimate website visitors via exploit code, and creating botnets.”

Also according to the study, the average and median uptimes of phishing attacks remained lower than the historical average, averaging 26 hours and 13 minutes in 2H2012, compared to the all-time low of 23 hours and 10 minutes recorded in 1H2012.

Another key finding was that when phishers register domain names for their scams, a small number of domain name registrars were abused more prevalently than others, relative to their overall domain registration portfolios and their industry peers. Eight of those registrars are located in China.

“Chinese phishers tend to make malicious domain registrations more often than other phishers, and use registrars inside and outside of China,” said Greg Aaron, President of Illumintel Inc., and a co-author of the study. “The report highlights how phishers take advantage of certain domain name registrars and registries, and how a lot of the activity is concentrated in certain places online. Those companies need to be actively involved in monitoring for and mitigating abuse in the spaces they control.”

The 2H2012 data set also yielded the following statistics:

There were at least 123,486 unique phishing attacks worldwide during the study period, found on 89,748 different domain names. Of those domains, the authors reported that 5,835 domain names appeared to be registered maliciously by the phishers. The number of maliciously-registered phishing domains has been in steady decline — down significantly from 7,712 in 1H2012, 12,895 in 2H2011, and 14,650 in 1H2011.
The overall use of subdomain services – registration schemes that give customers a subdomain beneath a common domain name – for phishing fell from 14 percent to 8 percent of all attacks.
Phishing occurred in 207 top-level domains (TLDs), but 82 percent of the malicious domain registrations were in just three TLDs: .COM, .TK, and .INFO.
Phishers targeted 611 target institutions, up from 486 in the first half of 2012. Targets include the users of banks, e-commerce sites, social networking services, ISPs, government tax bureaus, online gaming sites, and financial securities companies. PayPal was the most-targeted institution.
Only about 1.4 percent of all domain names that were used for phishing contained a brand name or variation thereof.

The full report can be found here: docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2012.pdf

About the APWG

The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG’s www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the Stop. Think. Connect. Messaging Convention, the global online safety public awareness collaborative www.stopthinkconnect.org and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies www.ecrimeresearch.org.

Among APWG’s corporate sponsors are as follows: Afilias Ltd., AhnLab, AT&T(T), Avast!, AVG Technologies, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Booz Allen Hamilton, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software Technologies, Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, Domain Tools, Donuts.co, Easy Solutions, eBay/PayPal (EBAY), eCert, EC Cert, ESET, EST Soft, Facebook, Fortinet, FraudWatch International, F-Secure, GlobalSign, GoDaddy, Google, GroupIB, Hauri, Hitachi Systems, Ltd., Huawei Symantec, ICANN, Iconix, IID, IronPort, ING Bank, Intuit, IT Matrix, Kindsight, LaCaixa, Lenos Software, MailShell, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar, Nominet, Nominum, Public Interest Registry, Panda Software, Phishlabs, Phishme.com, Phorm, Planty.net, Prevx, Proofpoint, QinetiQ, Return Path, RSA Security (EMC), RuleSpace, SAIC (From Science to Solutions), SalesForce, SecureBrain, S21sec, SIDN, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (TEF), TransCreditBank, Trend Micro (TMIC), Vasco (VDSI), VeriSign (VRSN), Websense Inc. (WBSN), Wombat Security Technologies, Yahoo! (YHOO), zvelo and ZYNGA.