Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Ars Technica's Dan Goodin reports that an "investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations." more
Speaking at The Times Tech Summit in London, Ciaran Martin, chief of the National Cyber Security Centre (NCSC), warned Russia is seeking to undermine the international system. more
In support of National Cyber Security Awareness Month, DDoS Awareness Day is a virtual, global event focused on raising awareness and education around the threat of DDoS attacks. Hosted by Neustar with and exclusive media partner CSO, DDoS Awareness Day brings together top experts in global security to share their views, technical tips and from-the-trenches experience. Attendees will also be given access to a wealth of DDoS materials: white papers, surveys, presentations, best practices and more. more
Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more
A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more
BP and the Oil Industry are taking a lot of heat these days - much of it rightly so. Moving beyond the drama and evaluating the overall response of BP and others reinforces much of what is taught in incident response training and preparation... by showing the outcomes when one does not respond well. This is probably the most important incident that the responders involved will deal with in their professional lives. For those of us working to protect Internet Infrastructure and resources there are useful lessons as we consider what is happening in the Gulf of Mexico and their response effort. more
According to various news outlets, Russia is reported to be planning a complete Internet shut down, as part of a test of its cyber-defenses. more
Most people - mistakenly - believe that they are perfectly safe behind a firewall, network address translation (NAT) device or proxy. The fact is quite the opposite: if you can get out of your network, someone else can get in. Attackers often seek to compromise the weakest link in a network and then use that access to attack the network from the inside, commonly known as a "pivot-and-attack." more
Close to 1300 IP addresses were hijacked this morning resulting in Amazon losing control of a number of its highly used cloud services. more
Over 260 global network and security experts have collectively responded to the newly proposed FCC rules laid out in ET Docket No. 15-170 for RF Devices such as Wi-Fi routers by proposing a new approach to improve the security of these devices. The letter warns FCC ruling will cause more harm than good and risk a significant overreach of the Commission's authority. more
Does threat intelligence (TI) work? I looked into that question last year, exploring the reasons why it actually doesn't and what can be done to remediate the situation. Since then, more companies have incorporated TI into their security processes, and many are still not getting the benefits they expect. What's causing the dissatisfaction? Interestingly, pretty much the same aspects... more
Karachi-based Bank Islami revealed Saturday morning that it had detected abnormal transactions resulting in 2.6 million Pakistani rupees, roughly $19,500 and precautionary steps where taken immediately. more
During the two-day Cybersecurity in Civil Aviation conference, Poland announced an agreement to test a cybersecurity pilot program for the aviation sector as Europe's European Aviation Safety Agency (EASA) civil aviation authority face increasing threats posed by hackers to air traffic. more
Elon Musk has attributed a series of major disruptions on X, the social media platform he owns, to a large-scale cyberattack. The outages, which persisted for several hours today (and are still ongoing), left users unable to access the service, triggering a flurry of speculation. more
In its security bulletin, Akamai's Security Intelligence Response Team (SIRT) reported on abuse of DNS Security Extensions (DNSSEC) when mounting a volumetric reflection-amplification attack. This is not news, but I'll use this opportunity to talk a bit about whether there is a trade-off between the increased security provided by DNSSEC and increased size of DNS responses that can be leveraged by the attackers. more
A World-Renowned Source for Internet Developments. Serving Since 2002.