Cybersecurity

Sponsored
by

Cybersecurity / Featured Blogs

Solving the .US Registrant Data Directory Services (RDDS) Conundrum

Recently ten Democratic Members of Congress wrote a letter to Alan Davidson, head of the NTIA, requesting that the "NTIA immediately cease the public disclosure of personal information about users of .US" country code top-level domain (ccTLD). This communication highlights a significant concern regarding domain registration data: the need to protect the privacy rights of Registrants. However, an equally significant concern regarding registration data was raised... more

Four Steps to an Effective Brand Protection Program

Internet use has become ever more pervasive. With around five billion global users, it generates an economy of around 15% of global gross domestic product (GDP); that's around $15 trillion and is a figure that's growing 2.5 times faster than GDP itself. This makes the internet an attractive channel for infringers. Phishing and other fraud tactics, selling counterfeit goods online, and digital piracy are primary areas of concern. more

Hijacked IP Addresses

From time to time, a party can get out of control. Raucous celebration can become careless, even destructive. Combine a critical number of young people, a certain amount of beer and lots of music and damage often happens. Partygoers leave a mess behind them. The same thing happens to some IP addresses. Malicious actors use IP addresses properly registered to someone else. more

Registration Patterns of Deceptive Domains

A key requirement for a bad actor wanting to launch a brand attack is the registration of a carefully chosen domain name. The most convincing infringements frequently use a domain name that's deceptively similar to that of the official site of the target brand. This allows a variety of attacks to be executed, including phishing attacks... more

Cyberhygiene Requires Critical Thinking

At his farewell speech in August outgoing, Telstra CEO Andy Penn mentioned that the cyber threat has never been as serious as the present. He mentioned the deteriorating geopolitical situation and the big shift in how criminals operate in the cyber domain. One thing is for sure is that in order to enjoy all the positives resulting from the digital economy, we need to be far more vigilant about the barrage of information that we are receiving and/or have access to. more

Businesses Beware: Cybersecurity Awareness Varies Based on Job Function

Businesses should consider bumping phishing as an urgent concern in their cybersecurity agendas. To those still unacquainted, "phishing" refers to the use of fake emails, messages, and websites that fool users into giving up access to accounts and information or into installing malware through attachments. It has become quite rampant over recent years. Attackers are using the method as a primary means to breach defenses, and with good reason: they work. more

The Latest OEWG on ICTs Report: Thoughts and Recommendations

At the end of July, the Open-ended Working Group (OEWG) on ICTs -- which is currently discussing how states should and shouldn't behave in cyberspace - concluded its third meeting, which falls in the middle of its four-year mandate (ending in 2025). Below, we provide a summary of what happened, reflections on the outcomes and implications (the good and the bad), and some practical recommendations for stakeholders and governments to consider ahead of the next meeting. more

Visit of US House Speaker Pelosi to Taiwan Has Little Impact on Network Infrastructures

I'm writing this from Taipei, where I have lived in peace for over 10 years. Sadly I learned that during this week, intermediate-range ballistic missiles (operated by China) have flown far above the capital of Taiwan and that five of them have landed in the waters of Japan's exclusive economic zone (EEZ). This provocative live-firing drill came as a direct response from China following Pelosi's visit. more

Solving the “Fake Twitter Profile” Problem Using DNS

Recently, an article I wrote for Bitcoin Magazine talked about how we can use DNS underscore scoping to better abstract Lightning addresses and even create a de facto specification that could work on any resource (like a wallet or a smart contract) across all blockchains. more

Where Domain Security Meets the Supply Chain Crunch

Over the last two years, we've all faced supply shortages on items we previously never thought could be in short supply. Most recently, the baby formula and semiconductor markets were hit. Before that, supply chain attacks on Colonial Pipeline and JBS Foods showed us that an attack on one company through a singular point of compromise has the potential to disrupt an entire network of connected companies, products, partners, vendors, and customers. more