Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Let's be honest about it. Nobody -- including those very clever people that were present at its birth -- had the slightest idea what impact the internet would have in only a few decades after its invention. The internet has now penetrated every single element of our society and of our economy, and if we look at how complex, varied and historically different our societies are, it is no wonder that we are running into serious problems with the current version of our internet. more
The recent NANOG 61 meeting was a pretty typical NANOG meeting, with a plenary stream, some interest group sessions, and an ARIN Public Policy session. The meeting attracted some 898 registered attendees, which was the biggest NANOG to date. No doubt the 70 registrations from Microsoft helped in this number, as the location for NANOG 61 was in Bellevue, Washington State, but even so the interest in NANOG continues to grow... more
Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more
According to a 2017 Black Hat Attendee Survey, cyberattacks on U.S. enterprise and critical infrastructure are coming soon, and in most cases defenders are not prepared. more
The Qatar Crisis started with a targeted Poli-Cyber hack of an unprecedented nature. Its shockwaves and repercussions continue to alter political and business fortunes, directions and paradigms not only in the Gulf region but globally. Almost everyone around the world is now aware of the this crisis that started early June. By mid July a Washington Post report cited US intelligence officials that the UAE orchestrated hacking of Qatari government sites, sparking regional upheaval that started it all. more
Distributed Denial-of-Service (DDoS) attacks will become larger in scale, harder to mitigate and more frequent, says Deloitte in its annual Global Predictions report. more
Webstresser.org, considered the world’s biggest marketplace to hire DDoS services, has been taken down according to an announcement issued today by the European Union Agency for Law Enforcement (Europol). more
A report recently released by McAfee Advanced Threat Research (ATR) revealed a fileless attack targeting organizations involved with the Pyeongchang Olympics. more
In the largest cyberattack since Russia's invasion in February 2022, Ukraine's leading mobile network operator, Kyivstar, faced severe disruptions. more
The President and Congress are deliberating how best to ensure appropriate cybersecurity protection for private sector critical infrastructure. Legislative action and Executive Order are both under consideration. It is possible, however, that the White House Office of Management and Budget (OMB) already has sufficient statutory authority to enact new cybersecurity regulations through the normal notice-and-comment rulemaking process. more
Well... Maybe not the world, but the Internet it seems. According to a Pastebin letter, Anonymous announced they will black-out Internet on 31st of March. They even explained how to do it by attacking the DNS Root Servers on Internet using a reflected amplification attack. If this is successful, the root DNS servers will become unresponsive and cannot handle any other requests... more
A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more
OARC held a 2-day meeting in February, with presentations on various DNS topics. Here are some observations I picked up from the presentations in that meeting... In a world where every DNS name is DNSSEC-signed, and every DNS client validates all received DNS responses, we wouldn't necessarily have the problem of DNS spoofing. Even if we concede that universal use of DNSSEC is a long time off ... more
Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more
With cybercrime on the rise, companies in 2021 have experienced increased ransomware attacks, business email compromise (BEC), phishing attacks, supply chain attacks, and online brand and trademark abuse. While domain cyber risk is rising, the level of action being taken by Forbes Global 2000 companies to improve their domain security posture has remained unchanged, leaving these companies exposed to even more risk. The risk of not addressing your domain security can be catastrophic. more
A World-Renowned Source for Internet Developments. Serving Since 2002.