Cybersecurity |
Sponsored by |
The European Union (EU) has set a high bar by tackling domain name system (DNS) abuse head on via government regulation and seems to have successfully resisted attempts to water down DNS stewardship obligations. Recent guidance from a key European Commission cooperation group (the NIS Cooperation Group) handling sections of the Network and Information Security Directive (NIS2) intends for a robust implementation of Article 28, which will go a long way toward helping to mitigate some of the longstanding problems that persist in the DNS.
As if we didn't have a long enough list of problems to worry about, Lumen researchers at its Black Lotus Labs recently released a blog that said that it knows of three U.S. ISPs and one in India was hacked this summer. Lumen said the hackers took advantage of flaws in software provided by Versa Networks being used to manage wide-area networks.
Global leaders gathered in New York at the Summit of the Future and adopted the "Pact for the Future" on Sunday 22nd September. This is a historic milestone as the Pact is the first international agreement aimed at securing a better digital future for all, grounded in human rights. The recent adoption of the "Pact for the Future" at the United Nations General Assembly marks a significant step toward revitalizing multilateral cooperation in an increasingly fragmented world.
Despite global polarization, recent UN cyber diplomacy has achieved three significant agreements in 2024: a cyber attack reporting system, a convention against cybercrime, and a "Global Digital Compact." These successes show that consensus on global issues is possible, though the vague wording of agreements raises concerns about their long-term effectiveness in ensuring security and peace.
When it comes to breach disclosures, today's chief information security officers (CISOs) are struggling with an especially turbulent regulatory environment. Security teams are understaffed, and systems are more extensive, making them harder to monitor and defend, while threats are becoming more sophisticated, more frequent, and more varied. It's at precisely this difficult juncture that regulations and enforcement are rapidly changing, leaving CISOs feeling like they are running up the down escalator.
There are many inconvenient truths about radio spectrum sharing and transceiver interoperability that require full ventilation and resolution. Spectrum users want exclusive access and - news flash - they do not like to share! Campaign events, like the Trump Bulter, PA rally, require short notice, forced cooperation between and among federal, state, and local law enforcement officers, as well as a variety of other government agencies.
Interisle Consulting Group today released its fourth annual Phishing Landscape report investigating where and how cybercriminals acquire naming and hosting resources for phishing. Our study shows that cybercriminals evolved their tactics for obtaining attack resources, including sharply increasing their exploitation of subdomain and gateway providers.
A recent news story, following research from security provider Infoblox, highlighted the case of the 'Revolver Rabbit' cybercriminal gang, who have registered more than half-a-million domains to be used for the distribution of information-stealing malware. The gang make use of automated algorithms to register their domains, but unlike the long, pseudo-random ('high entropy') domain names frequently associated with such tools, the Revolver Rabbit domains instead tend to consist of hyphen-separated dictionary words (presumably so as to obfuscate their true purpose), with a string of digits at the end.
The Optus outage in Australia from last year was immediately on my mind when on Friday afternoon a similar event swept, this time, across the world. Also, in this case it was a software update that caused the problem. This time from global security software provider CrowdStrike. The culprit appears to be an update to the CrowdStrike Falcon platform, a security monitoring tool widely deployed by businesses and organisations on Microsoft desktop computers and notebooks.
On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states.