Monetization of DDoS attacks has been core to online crime way before the term cybercrime was ever coined. For the first half of the Internet's life, DDoS was primarily a mechanism to extort money from targeted organizations. As with just about every Internet threat over time, it has evolved and broadened in scope and objectives. The new report by Forcepoint Security Labs covering their investigation of the Sledgehammer gamification of DDoS attacks is a beautiful example of that evolution.
When you plug into a broadband socket, what you are accessing is a distributed computing service that supplies information exchange. What is the service description and interface definition? For inspiration, we can look at the UK power plug. One of the great unsung fit-for-purpose innovations in British society is the BS1363 13 ampere power plug and socket. This is superior to other plugs by virtue of its solid construction and safe design.
Two events that happened last month deserve an additional note. One is the ICANN57 conference held in Hyderabad on November 3-9. The other is the 3rd World Internet Conference Wuzhen Summit held in Zhejiang Province on November 16-18. Though completely overwhelmed by the result of the presidential election in the United States, both events mark the victory of non-state actors and serve as good news for the community.
It was reported that .XYZ, .CLUB and .VIP have obtained official licenses from the Chinese government. The approval notices can be found on the website of the Ministry of Industry and Information Technology ("MIIT"), the domain name regulator in China. It is the first batch of overseas top-level domains (TLDs) to be officially approved. Previously, only two legacy TLDs -- .COM and .NET -- had been issued such approval. The "green light" means that Chinese registrars are able to sell these domains legally in China.
The Internet of today is awash with networking protocols, but at its core lie a handful that fundamentally keep the Internet functioning. From my perspective, there is no modern Internet without DNS, HTTP, SSL, BGP, SMTP, and NTP. Of these most important Internet protocols, NTP (Network Time Protocol) is likely the least understood and has the least attention and support. Until very recently, it was supported (part-time) by just one person.
Would you be interested in helping guide the future of the Public Interest Registry (PIR), the non-profit operator of the .ORG, .NGO and .ONG domains? If so, the Internet Society is seeking nominations for three positions on the PIR Board of Directors. The nominations deadline is Sunday, December 11, 2016... In 2017 there are three positions opening on the PIR Board. Directors will serve a 3-year term that begins in April 2017 and expires in April 2020.
This post is conjecture, but it is informed conjecture... Consider the following: When Google Fiber started in Kansas City, most people assumed that it was a demonstration project, intended to spur investment by the incumbent US Internet service providers (ISPs). Few thought that Google wanted to become a retail ISP. Google Fiber garnered a lot of publicity and Google began speaking of it as a real, profit-making business. They announced other cities and started laying fiber in some of them.
It's not particularly clear whether a marketing intern thought he was being clever or a fatigued pentester thought she was being cynical when the term "Purple Team Pentest" was first thrown around like spaghetti at the fridge door, but it appears we're now stuck with the term for better or worse. Just as the definition of penetration testing has broadened to the point that we commonly label a full-scope penetration of a target's systems with the prospect of lateral compromise and social engineering as a Red Team Pentest -- delivered by a "Red Team" entity operating from a sophisticated hacker's playbook.
It should come as no surprise that the Federal Communications Commission will substantially change its regulatory approach, wingspan and philosophy under a Trump-appointed Chairman. One can readily predict that the new FCC will largely undo what has transpired in previous years. However, that conclusion warrants greater calibration.
Even those who care about net neutrality might not have heard of the aptly-called Shadow Regulations. These back-room agreements among companies regulate Internet content for a number of legitimate issues, including curbing hate speech, terrorism, and protecting intellectual property and the safety of children. While in name they may be noble, in actuality there are very serious concerns that Shadow Regulations are implemented without the transparency, accountability, and inclusion of stakeholders necessary to protect free speech on the Internet.
I've written posts about trolls in Cuba, where Operation Truth is said to use a thousand university-student trolls, and trolls in China, where government workers fabricate an estimated 488 million social media posts annually. Now we are reading about Russian government trolls... The fake news and trolling revealed during the last few months of the US political campaign have sowed doubts about everything we see and read online. We're beginning the transition from "critical thinking" to "paranoid thinking."
Not infrequently heard in domain name disputes are cries of shock and gnashing of teeth that domain name holders may lawfully offer their inventory at excessive prices. Take for example TOBAM v. M. Thestrup / Best Identity, D2016-1990 (WIPO November 21, 2016) (<tobam.com>). Respondent accused Complainant of bullying, which Complainant denied...
The demand for penetration testing and security assessment services worldwide has been growing year-on-year. Driven largely by Governance, Risk, and Compliance (GRC) concerns, plus an evolving pressure to be observed taking information security and customer privacy seriously, most CIOs/CSOs/CISOs can expect to conduct regular "pentests" as a means of validating their organization's or product's security.
Post-Thanksgiving is a time of reflection where we are thankful for technological improvements that allow us to succeed. Every so often, technology comes along that not only improves our business but can also help the world. Cloud computing is such a technology. Transitioning to the cloud is a good choice for just about any business, for several reasons. Cloud applications offer scalability, performance, cost-effectiveness and easy mobile access.
Data breaches are the oil spills of the digital economy. Over 429 million people were affected by reported data breaches in 2015 -- and that number is certain to grow even higher in 2016. These large-scale data breaches along with uncertainties about the use of our data, cybercrime, surveillance and other online threats are eroding trust on the Internet.