Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
As we, here in the United States celebrate our independence this Fourth of July, we are reminded that the liberties and freedoms that come with that independence have yet to be won online. As citizens of this country we are blessed with safety and security from threats both foreign and domestic, but those guarantees have not yet extended to our citizenship in the global Internet community. This is true not just for American citizens, but for all Internet users throughout the world. more
FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more
Netscout recently released its latest Threat Intelligence Report that documents DDoS attacks in the second half of 2024. As has been the trend for many years, the largest target of DDoS attacks has been ISP networks. There were over 8.9 million DDoS attacks documented in the second half of last year, up 12.75% over the first half of the year. more
As if we didn't have a long enough list of problems to worry about, Lumen researchers at its Black Lotus Labs recently released a blog that said that it knows of three U.S. ISPs and one in India was hacked this summer. Lumen said the hackers took advantage of flaws in software provided by Versa Networks being used to manage wide-area networks. more
It seems like there is more disturbing news every day about Chinese infiltration of our telecommunications networks. A recent headline said that nine large ISPs have now been infiltrated. Tom Wheeler, a previous Chairman of the FCC, recently wrote an article for the Brookings Institute that speculates that the ability of the Chinese to infiltrate our networks stems back to decisions made decades ago that have never been updated for the modern world of sophisticated hacking. more
The recent NANOG 61 meeting was a pretty typical NANOG meeting, with a plenary stream, some interest group sessions, and an ARIN Public Policy session. The meeting attracted some 898 registered attendees, which was the biggest NANOG to date. No doubt the 70 registrations from Microsoft helped in this number, as the location for NANOG 61 was in Bellevue, Washington State, but even so the interest in NANOG continues to grow... more
According to a 2017 Black Hat Attendee Survey, cyberattacks on U.S. enterprise and critical infrastructure are coming soon, and in most cases defenders are not prepared. more
Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more
The Qatar Crisis started with a targeted Poli-Cyber hack of an unprecedented nature. Its shockwaves and repercussions continue to alter political and business fortunes, directions and paradigms not only in the Gulf region but globally. Almost everyone around the world is now aware of the this crisis that started early June. By mid July a Washington Post report cited US intelligence officials that the UAE orchestrated hacking of Qatari government sites, sparking regional upheaval that started it all. more
Distributed Denial-of-Service (DDoS) attacks will become larger in scale, harder to mitigate and more frequent, says Deloitte in its annual Global Predictions report. more
Webstresser.org, considered the world’s biggest marketplace to hire DDoS services, has been taken down according to an announcement issued today by the European Union Agency for Law Enforcement (Europol). more
In the largest cyberattack since Russia's invasion in February 2022, Ukraine's leading mobile network operator, Kyivstar, faced severe disruptions. more
A report recently released by McAfee Advanced Threat Research (ATR) revealed a fileless attack targeting organizations involved with the Pyeongchang Olympics. more
The President and Congress are deliberating how best to ensure appropriate cybersecurity protection for private sector critical infrastructure. Legislative action and Executive Order are both under consideration. It is possible, however, that the White House Office of Management and Budget (OMB) already has sufficient statutory authority to enact new cybersecurity regulations through the normal notice-and-comment rulemaking process. more
The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more
A World-Renowned Source for Internet Developments. Serving Since 2002.