Google has announced its first initiative out of Jigsaw which is the expansion of its experimental service, Project Shield. Google is offering Project Shield as a free service leveraging Google technology to protect news and free expression sites from DDoS attacks on the web. more
In its security bulletin, Akamai's Security Intelligence Response Team (SIRT) reported on abuse of DNS Security Extensions (DNSSEC) when mounting a volumetric reflection-amplification attack. This is not news, but I'll use this opportunity to talk a bit about whether there is a trade-off between the increased security provided by DNSSEC and increased size of DNS responses that can be leveraged by the attackers. more
Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources. more
A dramatic increase in DNS reflection/amplification DDoS attacks abusing Domain Name System Security Extension (DNSSEC) configured domains have been observed in the past few months, according to a security bulletin released by Akamai’s Security Intelligence Response Team (SIRT). more
Over the last couple of years, the networking industry has grown aware of the various security issues that could potentially have a huge impact on their operations. One of the topics that has raised in appeal is DNS security. Considering that much of the publicity around DNS is made by vendors trying to differentiate their solutions, there are many misconceptions out there that guide people into making poor investment in their infrastructure. more
Security experts from Google's Project Zero along with researchers from Red Hat, have identified and helped patch a security flaw in the GNU C Library (glibc) that could be exploited via rogue DNS servers, reports Catalin Cimpanu from Softpedia. more
President Obama is seeking a 35 percent increase in cybersecurity funding in his final budget to boost the capability of the federal government to defend itself against cyberattacks, reports Ellen Nakashima in the Washington Post. more
Throughout the course of my career I've been blessed to work with some of the most talented folks in the security and cyber threat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Before I came to lead the Verisign iDefense team about five years ago, I had to evaluate external cyber-intelligence vendors to complement and expand the enterprise capabilities of my former organization. more
'It could've been worse' is a fascinating expression. It implies that the incident in question obviously could have been worse than expected, however it also implies that it could have been better, ultimately leading to the conclusion that it was at least somewhat bad. So both fortunately and unfortunately for three Greek banks, the ransom DDoS attacks levied against them by hacker group the Armada Collective could have been worse. more
It seems that this last holiday season didn't bring much cheer or goodwill to corporate security teams. With the public disclosure of remotely exploitable vulnerabilities and backdoors in the products of several well-known security vendors, many corporate security teams spent a great deal of time yanking cables, adding new firewall rules, and monitoring their networks with extra vigilance. more
Ransomware via a phishing attack was sent to Israel Electric Authority, not the power grid, as was heavily reported in mainstream media today. According to a cyber analyst in Israel (Eyal Sela) the media reporting so far is misleading with regards to the context around the incident, reports Robert M. Lee of SANS Institute. more
Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more
The Internet is chock full of really helpful people and autonomous systems that silently probe, test, and evaluate your corporate defenses every second of every minute of every hour of every day. If those helpful souls and systems aren't probing your network, then they're diligently recording and cataloguing everything they've found so others can quickly enumerate your online business or list systems like yours that are similarly vulnerable to some kind of attack or other. more
Last week I asked on a post elsewhere, why we, at the MLi Group, chose to consider speakers, panelists, supporters and sponsors at our Global Summit Series (GSS) as "Thought Leaders" and "Trend Setters? Many wrote me directly offering their answers and then it dawned on me that my answer may (or may not) get appreciated by many at the ICANN community. So here is why we do. more
The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries. The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.