In case you don't read any of what I have to say below, read this: I have dual citizenship. Along with my homeland citizenship, I am of the Internet, and see it as my personal duty to try and make the Internet safe. Atrivo (also known as Intercage), is a network known to host criminal activity for many years, is no more. Not being sarcastic for once, this is the time for some self reflection. more
The Flagstaff Unified School District (FUSD), in Arizona which consists of 15 schools and over 9,600 students, canceled classes on both Thursday and Friday after a ransomware virus was found on multiple servers. more
In a blog post, Stewart Baker proposed restricting access to sophisticated anti-virus software as a way to limit the development of sophisticated malware. It won't work, for many different and independent reasons. To understand why, though, it's necessary to understand how AV programs work. The most important technology used today is the "signature" - a set of patterns of bytes - of each virus. Every commercial AV program on the market operates on a subscription model... more
The NATO Consultation, Command and Control Agency (NC3A) has announced the award of a contract for upgrading the NATO cyber defence capabilities. The award to private industrial companies will enable the already operating NATO Computer Incident Response Capability (NCIRC) to achieve full operational capability by the end of 2012. At approximately 58 million Euro, it represents NATO's largest investment to date in cyber defence. more
According to the latest report from Anti-Phishing Working Group (APWG) while the total number of conventional, spam-based phishing campaigns declined in 2018, users of software-as-a-service (SaaS) systems and webmail services are increasingly targeted. more
The recent announcement of a 13-year old security flaw found in an Open Source security library has renewed the debate between open source and closed source software. The library, crypt_blowfish, allows for fast two-way password encryption. The flaw introduces the potential for passwords to be easily compromised and affects PHP and a number of Linux distributions that include the crypt_blowfish library. more
Facebook alerted users today that its engineering team on Tuesday had discovered a security issue affecting almost 50 million accounts. more
Today, this is how easily "TRUST" by your users/customers can be shattered, your revenues devastated, your share value plunged into the abyss, and your business destroyed. Furthermore, conventional thinking belongs only in university libraries, not in board rooms. It is time to seriously consider other innovative Out-Of-The-Box Solutions and doing things differently, or start writing your business obituary. more
I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look. more
The alarming rise of phishing attacks has been underscored by a recent study "Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing conducted" by the Interisle Consulting Group, revealing a tripling of such attacks since May 2020. Despite efforts by companies and policymakers to combat this cybercrime, the data suggests that the prevailing strategies are ineffective and worsening each year. more
Akamai releases its Third Quarter, 2016 State of the Internet / Security Report, providing analysis of the current cloud security and threat landscape, including insight into two record setting DDoS attacks caused by the Mirai botnet. more
A few months ago, an article appeared on arstechnica.com asking the question "Should cybersecurity be managed from the White House?" During the recent presidential elections in the United States and the federal elections in Canada, the two major players in both parties had differing views that crossed borders. In the US, the McCain campaign tended to favor free market solutions to the problem of cybersecurity, and the Conservatives in Canada took a similar position... more
Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot? more
The Internet as we know it and use it today -- is broken, badly broken. Yes broken so much so that we are really crazy to have any expectations of privacy or security. Yes, really. The Internet was conceived as somewhat of a utopian environment, one where we all keep our doors, windows and cars unlocked and we trust all the people and machines out there to "do the right thing...". more
We've seen alarmingly BIG increases in multiple abusive behaviors – like phishing, hacking and malware – that often leverage the domain name system (DNS) and privacy/proxy services. Cybercriminals capitalize on gaps in DNS security measures, and ICANN is holding the door open for them by failing to implement their privacy/proxy policy. If you are ever targeted, you are not alone. more
A World-Renowned Source for Internet Developments. Serving Since 2002.