The indicators of compromise (IOCs) outlined in my last blog post can be used as a baseline for developing intrusion sets and tracking attack campaigns and threat actors. When launching an attack, threat actors use a variety of vectors and infrastructure, which Verisign iDefense analysts -- as well as analysts across the cybersecurity community -- correlate to group attacks, tracking actors and determining attack methods.
Imagine that you are considering the purchase of your first self-driving car. You anticipate the benefits of sensors and steering that avoid accidents, conserve energy and keep you in contact with emergency personnel should you need help. You unlock the door, get situated in the driver's seat and are about to engage the ignition and then a question pops into your mind, "Is it really safe?" To answer that question, we need to understand first that the car is not being controlled by Artificial General Intelligence...
As many in the ICANN community prepare to depart for the sunny beaches of Cancun, Mexico, it appears the ICANN 76 meeting could be significant when it comes to the long-awaited next application window for gTLDs. It's been over 11 years since applicants were last able to apply for a gTLD (and some of those strings are still launching into the marketplace all these years later), and the community work to review that initial process has never really stopped.
In previous installments we've been looking at aspects of the design of the DNS. Today we look at the relationship of similar names in the DNS. A poorly appreciated aspect of the DNS is that there is no inherent relationship between similar looking names.
On June 12th, I speculated on Trump's forthcoming Cuba policy and its impact on the Internet. He outlined his policy in a June 16th speech and the Treasury Department published a FAQ on forthcoming regulation changes. It looks like my (safe) predictions were accurate. I predicted he would attack President Obama, brag about what he had done, make relatively minor changes that would not upset businesses like cruise lines, airlines, and telecommunication and hotel companies.
This post is a heads up to all uber-geeks about a terrific research initiative to try to figure out causes and mitigation of name-collision risk. There's a $50,000 prize for the first-place paper, a $25,000 prize for the second place paper and up to five $10,000 prizes for third-place papers. That kind of money could buy a lot of toys, my peepul. And the presentation of those papers will be in London -- my favorite town for curry this side of India. Interested? Read on.
Only an idiot would believe that the U.S. is blocking TSMC manufacture of Huawei cell phone chips because of security fears. This is a commercial rivalry. The U.S. wants to put China's leading technology company out of business. We will fail, of course, at a price far higher than D.C. understands. The U.S. is ready for China's immediate countermeasures, even if Apple's stock price falls $hundreds of billions. But the long-run price will be devastating.
The last few weeks have reinforced the importance of modern communication networks to societies. Health care providers, schools, governments, and businesses all rely on networks that enable us to connect and collaborate remotely. Had we encountered a similar pandemic ten years ago, we would not have been able to continue our activities on the level that is possible today.
Would you like to present an idea you have related to DNSSEC or DANE to a gathering of people within the DNSSEC community? Do you have an idea for a new tool or service? Have you recently implemented DNSSEC or DANE and want to share your story? The deadline is Monday, August 17, so please send your proposal soon! We are open to proposals on a wide range of topics...
Cybersecurity is a top-of-mind issue with calls for individual vigilance, national legislation, and international treaties to address gaps that are exploited causing significant harm and financial loss on a daily basis. The vast majority of these calls are well-intentioned though even among the best-intentioned, some are poorly directed. Such is the case with all of the proposals that would introduce security into the International Telecommunication Regulations (ITRs) of the International Telecommunication Union (ITU).
In the five previous exciting installments, we've been looking at aspects of the design of the DNS. Today we look at records types, and how you can tell what a DNS record means. All the records in the DNS are strongly typed. Each record includes an RRTYPE, a small number, which defines both the format of the record and what the record means. It is possible and common to have different record types with the same format, but different meanings.
In 2010, ICANN's Security and Stability Advisory Committee (SSAC) published SAC045 [PDF], a report calling attention to particular problems that may arise should a new gTLD applicant use a string that has been seen with measurable (and meaningful) frequency in queries for resolution by the root system. The queries to which they referred involved invalid Top-Level Domain (TLD) queries (i.e., non-delegated strings) at the root level of DNS, queries which elicit responses commonly referred to as Name Error, or NXDomain, responses from root name servers.
Kenzie is a security researcher who has registered numerous domain names that are typographic errors of well-known trademarks (e.g., rnastercard, rncdonalds, nevvscorp, rncafee, macvvorld, rnonster, pcvvorld). He points the domain names to the actual sites in question (e.g., rncdonalds points to mcdonalds.com), but he is looking to demonstrate how these typo domains are used for "social engineering" attacks.
Cloud computing is not a new concept. Having gotten its start back in the 1960s, when computation was first envisioned as a public utility, it has been in development ever since. However, the past few years have seen more significant changes than we have seen in the entire history of the technology. In an age with ever increasing digitization of data and records, the cloud and cloud software have become unavoidable for virtually every business from small start-up initiatives to large multibillion-dollar corporations... During the past three years, we have seen the following significant developments relative to the cloud.
According to Google, native IPv6 penetration has structurally crossed the 0.2% mark as a percentage of total traffic on the Internet in early 2011. This may not seem much, but it has doubled in a year, in an Internet that is still growing exponentially.