The bot family, which has been dubbed "YoyoDDoS" after the hostname of one of its initial command-and-control (C&C)servers, was first detected in March. To date, Arbor Networks hasprocessed more than 70 variants from the family and identified at least34 C&C servers, all but three of which are located in China.

DDoS attacks use large numbers of compromised PCs to flood a targeted website withtraffic with the goal of knocking it offline. Out of the 180 YoyoDDoSattacks that have been identified, 126 of them targeted IP addresses inChina, while 32 targeted victims in the United States, nine in SouthKorea, and five in Germany.

Several different online merchants have been targeted, including sites selling auto parts and cosmetics,Edwards said. Several gaming and gambling sites also were attacked,along with a website-hosting provider, a music forum and a personalblog..

“It is not targeted at a specific industry,” said Edwards, a former FBI special agent assigned to the Detroit CybercrimeSquad. “Its more like a general tool, and if somebody wants to take asite down for a certain reason, a lot of time they use this YoyoDDos.”

The attacks typically last between a few hours to two days, he added.Several sites have been attacked continuously for 24 to 48 hours.

Researchers at Arbor Networks said they do not know how many computers have beeninfected with the bot malware, but they believe there are at least threeor four independent YoyoDDoS botnets being controlled by independentoperators.

If this is the case, the code to create the bot malware may be circulating in the cybercrminal underground, Edwards said.

The bot malware, which Edwards said is not especially sophisticated, couldmake its way onto a user's PC via malicious links or attachments inemails. After instillation, the bot connects to the C&C server andreports back details about the victim host, including the make, modeland speed of the processor and the operating system service pack level.Additionally, every time an infected computer is started, the malwaremakes contact with the C&C server.

The bot family uses four different types of DDoS attacks – HTTP, UDP, SYN and ICMP – all ofwhich flood a victim with different types of traffic, Edwards said. Ifan attack is launched with a certain type of traffic, and the victim hasa firewall or another security device that blocks it, another attackmode can be used.

“I do know that it is being actively used based on the number of attacks we are logging,” Edwards said. “We arestill logging attacks and finding [bot malware] specimens we haven'tseen.”

Geminoid F, the uncannily lifelike fembot we saw in April, is back in a new PR vid from Kokoro, a Tokyo-based entertainment company that collaborates with Osaka University'sHiroshi Ishiguro in the creation of androids both feminine and creepy.

Geminoid F was so named because it's a nearly exact replica of a human female model, seen here. In the new video, the robot calls itself "Actroid F," as it has joined the ranks of other Actroid robots produced by Kokoro.

The air servo-powered fembots can be rented for trade shows and other events. While Actroid F can move its eyes, mouth, head, and back, it can also act as a telepresence robot. Cameras and face-tracking software follow a remote operator so facial expressions and head movements are reproduced in the robot in a master-slave relationship via Internet link.

Actroid F has minimal servomotors to save on cost, and it can't walk. But Kokoro reportedly announced plans to sell 50 units to museums and hospitals for some $110,000 apiece, aiming for them to serve in roles such as receptionist, patient attendant, or guide. The company has said patients have reacted favorably in a hospital trial.

ATR Intelligent Robotics and Communication Laboratories, backed by the government, companies, and academia, also collaborated in Actroid F's development, one of many robot projects Japan has funded as it tries to develop next-generation machines to meet social needs..

How to make a crocodile smile: Swim in a pool full of deadly salties with just a perspex cage for protection

Tourists to this unusual theme park are sure to get some holiday snaps with a difference.

Inspired by the popularity of cage shark-diving, a tourist attraction has opened that allows adrenalin junkies the chance to swim with killer crocodiles.

And, as these incredible pictures show, participants can get up close and personal with one of the worlds deadliest creatures.

Definitely no running, ducking bombing or petting in this pool: Face to face with one of the 125 stone monsters

All that separates thrill-seekers from the huge saltwater crocodiles is a five-inch thick perspex box that has, we are assured, undergone 'extensive' safety testing.

Fearless participants climb into the clear container - nicknamed the Cage of Death - which is suspended on a monorail track that runs above four crocodile enclosures.

Two grated doors lock into position on the top of the 10ft tall box which is then lowered into the water and comes to rest 2ft beneath the surface.

To ensure that the paying customers get their money's worth, chunks of meat are tied to the bottom of the cage. The crocodiles instantly drawn to it when it enters the water.

The results vary from the crocs 'eye-balling' the swimmer, rubbing against the cage or going into a full on 'aggressive attack' against it.

Snappy snaps: Holiday photos from this resort will be just a little different

Customers pay about £100 to spend 20 minutes swimming alongside the crocs; the largest of the beasts measures a whopping 18ft and weighs over 125 stone,

One of the mighty reptiles at the Crocosaurus Cove park in Darwin, Australia, is named Burt. Film buffs might remember him from the first Crocodile Dundee movie - he's the one who nearly ate Linda Koslowski's character.

Sallie Gregory, spokeswoman for the park, said: 'Many people find the opportunity of getting to within a few inches from the jaws of these crocodiles exhilarating.'

'People often get activity ranging from an aggressive attack to a casual eye-balling and swim past where the crocs are so close that they rub against the cage.'

'Most of the women who take part say they are happy just to watch the crocodiles while guys tend to want the action and attack.'

Smile please: Two thrill-seeking tourists get up close and personal with one of the saltwater crocodiles at the Crocosaurus Cove park in Darwin, Australia

She added: 'One of our directors who has extensive experience with crocodiles wanted a concept that allowed people to get up close to these ultimate predators in a safe environment.'

'The cage runs on a overhead monorail system, suspended over the enclosures and is lowered into up to four separate enclosures as part of the 20 minute experience.'

'The perspex is about 135mm thick and extensive testing in both the manufacturing and the way the crocodiles would react to the cage were carried out prior to the testing team entering the cage.'

The 'Cage Of Death' has been extensively tested for safety. With one of these prehistoric killers just inches away, one might hope so..

'The top of the cage has two grated doors to stop anything entering the cage and a back up motor and separate chain operates to ensure that in the event of a malfunction, the cage can continue to operate.'

'The cage generally allows about two feet from the surface of the water though this can be adjusted if people are not strong swimmers and would prefer to keep their head above water.'

Among the crocodiles people can swim alongside are the mating pair of Houdini and Bess as well as Chopper, Denzel and of course movie star Burt.

But one of the most popular crocs is Wendell - he's the biggest and is named after muscular Australian rugby star Wendell Sailor.

Crocodile attacks in the wild are quite rare these days. However, during the Japanese army's retreat from Ramree Island in February 1945, saltwater crocodiles are thought to have been responsible for the deaths of 400 Japanese soldiers. .

British troops encircled the swampland through which the Japanese were retreating, resigning the Japanese to a night in a mangrove swamp which was home to thousands of saltwater crocodiles.

The Ramree crocodile attacks are listed as 'The Greatest Disaster Suffered from Animals' in The Guinness Book of Records

Saltwater crocodiles are the largest reptiles on the planet. Their main habitat is northern Australia and New Guinea, Indonesia and Borneo. They have been known to kill and eat horses, water buffalo, and even sharks as well as the occasional human.

To deal with a problem, the first thing we have to do is to understand the problem. This means that we have to be able to measure all meaningful aspects of the problem. If we consider the problem of online fraud, it is encouraging that there has been substantial progress in understanding phishing and how malware is used to steal credentials, documents and money. But, strikingly, almost nothing is known about Nigerian scams (also known as advance fee fraud and 419 scams - 419 is a section under the Nigerian Criminal Code Act that prohibits obtaining goods by false pretences). This makes it harder to defend against this increasingly common type of fraud, and almost impossible to predict the extent to which it may become worse onwards.

We designed and performed an experiment that allows us to take the pulse on Nigerian scammers. Are the scammers really from Nigeria, you may begin to ask? What do they want, and how do they get it? What are their strengths, what are their weaknesses? Are they at the peak of their success, or should we fear that they can become dramatically better at what they are doing? What can organizations do to secure themselves and their users?.

Here is the experiment in a nutshell. Imagine a camera that sells for $750 new, and I offer one for sale on Craigslist for $250. Only used for a few weeks, in perfect condition. Good deal, right? But what if I instead were to ask $750 (or more) for it used? Not so hot, you might say. It makes more sense for you to buy it in the store. You would not bother contacting me.

But fraudsters would.

They may contact me and ask to buy it - even at a premium. They will tell me where to ship it, and they will send me a payment. Or rather: something that looks like a payment to a would-be victim, who would not realize that it really was not a payment until after the camera was shipped.

We used the technique of offering too expensive merchandise to find fraudsters without bothering honest people. In fact, we used it to make the fraudsters find us, while avoiding everybody else. Then we acted as would-be victims, and paid attention to what happened.

Here are some of our findings:

Nigerian scams are aptly named. Indeed, almost all of the fraudsters we interacted with wanted us to ship our merchandise to an address in Nigeria. Knowing this may help a little in designing countermeasures, whether legal or technical.

Most Nigerian scammers "pay" using PayPal. Then they send an email that looks a lot like a PayPal payment notification. But, interestingly, they do not spoof emails. If they were, which would be very easy, they would no doubt increase their yield.

Some Nigerian scammers "pay" using Western Union. Then they send a confirmation code that lets the seller pick up the money - but with some digits starred out. "When you send me the tracking number, I will send you the missing part, and you can pick up the payment."

Some Nigerian scammers "pay" using Credit Cards. They request the victim's credit card details so that they can "transfer" the money to his or her account.

Nigerian scammers are bullies. As a would-be victim has agreed to sell, but then expresses second thoughts, the scammer becomes mean and threatening. He sends angry emails in all-caps; tells the would-be victim that he or she will be blacklisted or reported; he even sends a notification from a payment provider, stating that the would-be victim's account has been revoked. (This can only be undone by responding to the notification with your password.)

Nigerian scammers know what they want. They want fancy cameras, but do not care as much for laptops, and do not give a darn about refrigerators and other bulky electronic appliances. It makes sense: The merchandise needs to be shipped to them, and then be resold in Nigeria.

Knowing that the scammers remain in business, we can infer that they are reasonably successful. In fact, we see more and more Nigerian scams. So we can conclude that there are enough people who are not very careful, and that bullying them pays off. This is not about people lacking technological skills, it is about them not thinking critically. User awareness and education campaigns could change that.

Of course, Nigerian scams are not limited to Craigslist, nor to frauds in which they try to obtain people's cameras for free. Our experiment only gives us a glimpse at one particular type of scam at one particular point in time. But it gives us hope that it is possible to create a taxonomy of scams and scammers, and develop tools and campaigns that hurt their bottom line.

A distributed denial of service attack is every business’s worst nightmare. One minute, everything is ticking along as normal. The next, your infrastructure is hit by a tsunami of spurious traffic from across the Internet. Legitimate users find themselves locked out, your ability to do business online grinds to a halt, and there's not a great deal you can do about it – unless you prepare ahead of time.

Nowadays, it is frighteningly easy for attackers to execute a DDoS attack. Botnets comprised of thousands of compromised PCs can be rented cheaply, and software capable of automating attacks can be acquired readily on the underground market. Attacks peaking at tens of gigabits per second have been recorded, and the size of peak attacks grows each year.¹ A modest attack can be bought for less than a thousand dollars.² It’s also quite possible for your site to become collateral damage in an attack against a third party you know nothing about. Witness Twitter, one of the Internet's most highly trafficked sites, which found itself knocked offline for hours last August due to a politically motivated attack launched against a single user.³

While some evidence shows that massive brute force DDoS attacks are falling out of favor among financially motivated criminal enterprises, there are few signs of a decline in DDoS more generally.⁴ DDoS attacks are so hard to stop that it's not unheard of for some companies to surrender to extortion attempts, quietly handing their attackers tens or hundreds of thousands of dollars in protection money in order to make the problem go away.⁵

Short of paying out, it's extremely difficult to completely prevent a determined DDoS attack. But there are four general measures organizations can take, both during system design and live operation, to mitigate the risk of genuine users and customers suffering disruption during an attack. Successful defenses involve using all four techniques:

1. Over-provisioning

Many DDoS attacks are brute force in nature, and over-provisioning is a brute force defense. Your opponent simply needs to throw enough traffic at you to overwhelm your capacity. You can reduce his chances of success and limit the impact on your users by provisioning for far more traffic than you would expect to receive during normal operation. You do not necessarily need to provision for a 40Gbps attack – not all attackers have botnet arsenals that large – but you should aim to prepare for traffic many multiples of what you experience in normal operations..

Some people, when designing their networks, have a tendency to provision for their highest anticipated level of genuine traffic. An e-commerce site, for example, might provide enough capacity for a seasonal sales peak. This will rarely be sufficient to fend off a good-sized DDoS attack. If normal business means 60,000 visits per day, expect a DDoS attack to easily send that much traffic your way in ONE minute. That translates to 86 million “visits” in a single 24-hour attack. A site only provisioned for 60,000 visits will quickly fall to its knees.

A good rule of thumb when building out your hardware infrastructure is to provision for ten times normal peak traffic. Work out the most amount of traffic you've ever had, multiply it by ten, and deploy sufficient hardware to cope with at least that level of activity.

Similar rules apply to bandwidth, so you must ensure that your contract is flexible enough to permit traffic coming into your systems to “burst” to many times the normal volume. You don't want your connectivity provider to shut down all traffic to your site in order to prevent collateral damage to its other customers. Work out the largest amount of bandwidth your site has ever consumed under normal circumstances, then check that your contracts would allow a sustained burst of ten times that amount. Keep in mind that handling that much traffic will take a hefty bite out of your checkbook, too.

2. Remote/redundant monitoring

If up-time is important to you, chances are you already have systems in place to monitor the performance and availability of your site. But in-house monitoring systems can be of limited utility if they're under a DDoS attack as well. If a system designed to alert you when the network experiences problems sits behind the same bottleneck as the site it is monitoring, the alert probably won't make it to your phone or in-box in a timely fashion.

When you're under attack, it helps to know that you are under attack – and quickly. A more reliable alternative is to subscribe to a third-party service that monitors your site around the clock from dozens of other places on the Internet, evaluating its responsiveness from a genuine end-user perspective and providing alerts to your phone when problems are found.

3. Dump the logs

Your Web server logs can't tell the difference between a genuine visitor and a botnet node. Both visits will usually be recorded in the same way. Even if your server is provisioned correctly and is able to recover from a DDoS attack flood, if its logs stack up, you can often add insult to injury if your server fails because the logs became too large. While the log data could possibly be used for forensic purposes after the attack is over, its value is relatively limited. It's far more important that servers are able to respond to genuine users during the attack.

If you find log files growing large quite quickly, you're faced with the choice between keeping the data and losing the server, or losing the data and keeping the server. If your Web server is mission critical and large log files are preventing you from recovering, your choice should be clear: dump the logs.

4. Know the people at your providers

While it is technically possible to locally configure network hardware to drop some malicious packets, ideally you'll want the unwanted traffic throttled as close to the source as possible. This means that coordination with your upstream providers is a must.

Unfortunately, if your opponent has done his reconnaissance properly, he will launch his attack at the most inconvenient time possible. There's a good chance that the text message alerting you to an incoming DDoS will arrive at 1am on a Saturday morning, when both you and your regular ISP points of contact are off for the weekend.

The normal support numbers you know to call might go to voice-mail, the night-shift staff may not have the expertise or authority to help, and automated ticketing systems may not be as comprehensively attended as they are during business hours. If you can't find anyone in a position to help you, you're then faced with the prospect of two or three days of compromised performance or outright downtime.

In these circumstances it’s essential to have the direct telephone numbers of clued-in people at your ISP's network operations center. If you know how to contact the right person to help shut down the attack, regardless of the hour, you'll experience far fewer headaches when a DDoS strikes.

It's a truism that most security vulnerabilities are people problems. Fortunately, that sometimes also applies to the solutions.

DDoS attacks are here to stay – after all, they are cheap to setup and easy to implement. By appropriately deploying plans in these four areas (provisioning, monitoring, log management and escalation) you should be able to hold your own against all but the most determined and aggressive attackers.

BOYCOTT AIT NOW ! In the early 1990’s, as a result of the historic National Broadcasting Commission decree, according to Muyiwa Oyinlola (2004) Nigerian media was dominated by the government only.Information was only made possible from government owned broadcasting firms. However, the Head of State then General Babangida, issued another decree which allowed private broadcasting in Nigeria. After this decree came the first private television network in Nigeria, Africa Independent Television (AIT). AIT was pioneered by High Chief, Dr. Raymond Dokpesi, and was also Africa’s first satellite T.V. station.^[1] Today Dokpesi is regarded as the media guru of Nigeria. Some also refer to him as the Ted Turner of Nigeria. Dokpesi not only pioneered the first satellite TV but also the first privately owned radio station in Nigeria. According to the journalist Kolapo (2006), Raymond claims that AIT set the standard for salary structure in the media industry in which Nigerian Television Authority imitated),^[2].

THE race for 2011 presidency gathered momentum Thursday, with ex-President Ibrahim Babangida raising a 10-man campaign organisation.

The ex-President is expected to make a formal declaration of his plan to run on September 14 and 15, which had earlier been set aside by the strategists of President Goodluck Jonathan for the same purpose.

It was also learnt that Peoples Democratic Party (PDP) governors have decided to keep their game-plan on a consensus presidential candidate under wraps.

A statement by the Director, Media and Communications, of Babangida Presidential Campaign Organisation, Prince Kassim Afegbua, said the ex-military president would unveil his blueprint during the declaration.

The statement said: “In furtherance of the presidential aspiration of His Excellency, General Ibrahim Badamasi Babangida, GCFR, the following persons have been appointed and accepted to serve in the Presidential
Campaign Organisation in the various categories of the campaign.

“They are High Chief Raymond Aleogho Dokpesi,OFR (Director General); Senator Kanti Bello (Deputy Director General); Alhaji Sada Ilu (Director, Security &Intelligence), ex-Minister of Health, Prof.
A.B.C Nwosu (Director, Research &Planning); a former Minister of
Information, Prof. Sam Oyovbaire (Director, Policy &
Strategy);Prince Kassim Afegbua (Director, Media and communications);
Mrs. Remi Adiukwu-Bakare (Director, Women Affairs); Alhaji Farouk
Bibi-Farouk(Director, Youths Affairs); Alhaji Shehu Musa Gabam
(Director, Contact & Mobilisation); and a former Minister of
Justice, Hon Musa Elayo (Director, Legal Services).

“The comprehensive list of the Zonal and States’ Coordinators will be announced in due course. The temporary Campaign Office is located at 77B, Aguiyi Ironsi Street, Maitama Abuja.

“The formal presidential declaration ceremony will come up on the 14th and 15th September, 2010 at the Eagle Square, Federal Capital Territory, Abuja. The event will avail Gen Ibrahim Badamasi Babangida,
the opportunity to unveil his blueprint to members of the public.”

As of press time, it was learnt that the Campaign Organisation of President Goodluck Jonathan might change the date of his declaration to avert any clash.

A source, who spoke in confidence, said: “With Babangida’s camp choosing the same dates proposed by our team, we may either ask the President to declare on or before September 12 or a day after
theirs.“All I can tell you is that we will coordinate our campaign in a
manner that the nation will not be heated up unnecessarily.”

There were strong indications yesterday that PDP governors are keeping their game-plan on a consensus candidate for 2011 presidential poll to their chest.

According to findings, five Northern governors were considered as leading candidates on Tuesday.

The governors are Dr. Bukola Saraki (Kwara); Alhaji Danjuma Goje (Gombe); Admiral Murtala Nyako (Adamawa); Ibrahim Shema (Katsina); and Sule Lamido (Jigawa).

A source said: “It is not as if the governors do not have a mindset on where they are going but they have kept their game-plan secret because of certain political developments, especially consultations with
some stakeholders.

“At the right time, the governors will come up with a position on a common candidate. Just wait and see.”

Electricity companies from Canada, India and Ireland are the final bidders to take over the management of Nigeria's national grid, a contract likely to be awarded by the end of the year, a top official said on Friday.

Manitoba Hydro, owned by the Canadian province of Manitoba, India's Power Grid Corp (PGRD.BO) and Ireland's Electricity Supply Board (ESB) are the final bidders to manage the transmission grid in Africa's most populous nation.

"I can tell you that we expect to finalise everything and hand over by the end of the year," Bart Nnaji, head of a presidential taskforce charged with reforming Nigeria's power sector, told Reuters.

President Goodluck Jonathan on Thursday unveiled a blueprint for ending chronic power shortages in sub-Saharan Africa's second biggest economy, a plan which financiers say could unlock billions of dollars of private sector investment..

Under the strategy, Nigeria will privatise electricity generation and distribution. It will continue to own the national grid but its management will be privatised.

Despite producing more than 2 million barrels per day of crude oil, Nigeria relies on diesel generators to power everything from phone chargers to luxury hotels because of constant power outages which are a major brake on growth.

Jonathan's plan, unveiled less than five months before elections are due to be held, is the most comprehensive yet designed to solve the nation's power problems.

Previous privatisation efforts, most recently of former state telecoms monopoly NITEL, have been a failure and investors say the roadmap for reform will need to be backed up by cast-iron guarantees on the regulatory framework.

Nigeria Forms Cyber Prosecution Team

The Nigerian government has approved the formation of a cyber prosecution team to spearhead the country’s battle against cyber crime.

The Computer Crime Prosecution Unit (CCPU) will operate under the supervision of the Public Prosecution Department of the Federal Ministry of Justice. The new unit will be in charge of prosecutions of those suspected of cyber crimes, according to the Attorney-General of the Federation and Minister of Justice.

“Nigeria needs to have a robust cybersecurity and cyber crime prevention/prosecution structure to drive issues related to cyber crime,” AG Mohammed Bello Adoke said.

The unit will collaborate with the telecom and banking sectors, as well as the Economic and Financial Crimes Commission..

“Officers to man the unit are to commence immediate training in basic cyber prosecutors’ courses and electronic evidence handling, amongst others, while other modalities for the effective takeoff of the CCPU are being worked out,” Adoke said.

Africa currently operates with little broadband Internet access. However, the continent is host to the most computer infections, which has provoked worry among cyber professionals.

A four-time presidential aspirant, Sarah Jubril, has again declared her intention to run for presidency in 2011, on the platform of the ruling People’s Democratic Party.

She unfolded her plans at a news conference on Thursday, in Abuja, joining three other presidential hopefuls that have already declared interest to contest for the PDP ticket in the next dispensation.

Mrs Jubril joined the likes of former head of state, Ibrahim Babangida; former vice president, Abubarkar Atiku; and the incumbent president, Goodluck Jonathan, who is slated to officially announce his ambition after the Ramadan fast.

Mrs Jubril said she made up her mind to join the race based on the premise for quality economic development and improved citizenry. According to her, most of the crises facing the country resulted from absence of good character in most people occupying public offices in the country and she pledged to address the quality of citizens through an improved system in the family, the communities, professions, economy, politics, governance, infrastructure, and diplomacy.

She also pledged to provide “rescuer-leadership”, to refocus and raise the country from “delayed development to steady wealth and rapid development.”

“Hence, I remain with an unquenchable spirit that I can and with all of us, can re-teach and re-nurture Nigeria back to sanity, orderliness, serenity, peace, and systematic discipline in all sectors..

“The president that Nigeria needs very urgently is the one who can roll up his or her sleeves to teach good character or ethics in the pursuit of excellence in every area of our quest, goals, and vision,” she said.

However, Mrs Jubril stated that the battle of liberation from stagnation, frustrations and mediocrity to celebration of excellence, must be won if Nigeria and Africa must achieve rapid development.

Commenting on zoning, she said the controversial arrangement in PDP was for “political convenience,” adding that there were over 450 ethnic groups in the country which the zoning formula intended to give sense of belonging.

For better for worse

She berated the performance of state governors, saying that majority of them had not in any way addressed the yearnings and aspirations of the electorate and that their interference with the allocations of the local governments was a failure of governance at the grassroots.

According to her, this has made it difficult for the councils to care for their people.

She, however, promised not to pull out of PDP, if she failed at the primaries, saying she would remain steadfast in the party, irrespective of the outcome of the presidential primaries.

This, however, marks the fifth time Mrs. Jubril is joining the race for the highest public service office in Nigeria.

She was an aspirant in the defunct Social Democratic Party (SDP) in 1993, which was presumably won by the late Moshood Abiola. She was also an aspirant in 1998 on the platform of PDP, losing to former President Olusegun Obasanjo.

In 2003, Mrs. Jibril took her ambition to the Progressive Action Congress (PAC) and later returned to PDP, to jostle for the party’s ticket in 2007. She scored four votes at the convention which was won by late President Umaru Yar’Adua.

Excerpt: "We were unaware the Facebook owned the Internet or the term 'book,'" Teachbook Managing Partner Greg Shrader

Facebook we sef na 9jabook o ! sue us please !We need the publicity .