Cybersecurity

 Sponsored
by

Cybersecurity / Featured Blogs

Government and Botnets

Oct 07, 2011

The US government is looking at telling ISPs how to deal with compromised customers and botnets. They're a bit late to the party, though. Most of the major commercial ISPs have been implementing significant botnet controls for many years now.

The Human Factor in DDoS Attacks

Sep 25, 2011

Ripped from the headlines: A recent DDoS attack lasted an entire 60 days. In other news, a single site was attacked 218 times in Q2 alone. To those of us in the business of protecting Web infrastructure, these stories are hardly surprising. What's notable, though, is where they were reported, in The Financial, whose focus is banking and financial services, not technology. The reporters used the term "DDoS" as if it were as common as "hedge fund," something everyday business people, not just techies, grasp. It's this human element that caught my interest and got me thinking a little.

On the Success of Malware

Sep 23, 2011

There's often a lot of discussion about whether a piece of malware is advanced or not. To a large extent these discussions can be categorized as academic nitpicking because, at the end of the day, the malware's sophistication only needs to be at the level for which it is required to perform -- no more, no less. Perhaps the "advanced" malware label should more precisely be reattributed as "feature rich" instead.

Recent Industry Changes: Internet Standards, ARIN WHOIS Changes, Hotmail Postmaster Pages

Sep 23, 2011

Signing Email is now a Draft Standard! Signing email transitioned from a proposed standard to a draft standard (RFC6376 -- one of the new RFCs) over at the IETF a few days ago. The other is RFC6377. Let's go through a brief history of DKIM RFCs to refresh our memories...

Typosquatting Continues to Pose Dangers to Enterprises, Consumers

Sep 21, 2011

While typosquatting is not a new phenomenon, recent research highlights that it is being used to collect sensitive corporate information from employees and lure consumers to interact with dubious websites. ... Security consultancy Godai Group recently uncovered the use of a specific type of typosquat - a "doppelganger domain" - to collect sensitive enterprise information via email-based attacks.

Russia and China Propose UN General Assembly Resolution on “Information Security”

Sep 20, 2011

On September 12 China, the Russian Federation, Tajikistan and Uzbekistan released a Resolution for the UN General Assembly entitled "International code of conduct for information security." The resolution proposes a voluntary 12 point code of conduct based on "the need to prevent the potential use of information and communication technologies for purposes that are inconsistent with the objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States..."

Hacking Away at the Internet’s Security

Sep 17, 2011

The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network.

Critical Data Belongs in the Cloud, Not Under It - Lessons Learned from Irene

Sep 14, 2011

"As flood waters from Tropical Storm Irene swamped the Waterbury state office complex, seven employees from the Vermont Agency of Human Services rushed inside to rescue computer servers that are critical for processing welfare checks and keeping track of paroled prisoners living around the state," according to a story by Shay Totten on the 7days blog Blurt. Two of the employees - network administrator Andrew Matt and deputy chief information officer Darin Prail - lost their cars in the parking lot as the river rose but kept on working to assure that our servers were not lost. "We didn't know how much time we had," Matt said, "and our job was to save the servers."

Brands Should Not Ignore the Security Benefits of New gTLDs

Sep 12, 2011

If one thing has become clear from recent commentary on ICANN's new top-level domain program, it's that there's a dramatic lack of understanding about some of the benefits of owning your own TLD - especially as it relates to security. Many brand owners - especially those with luxury brands - could realize immediate benefits from reduced counterfeiting and greater brand trust with a "dot Brand."

Death and Your Online Identity

Sep 07, 2011

How large is your digital footprint? If you pulled together your email account, web site, blog, social networking accounts, and every other virtual identity you have online, just how well known are you on the Internet? Have you ever stopped to consider what happens to your online identity when you die? How would your online friends know? What would happen to your accounts and your content?

Industry Updates

Down the DNS Funnel and into the Funnull Infrastructure

Framing the AkiraBot Framework Under the DNS Lens

Shining the DNS Spotlight on Lumma Stealer

A DNS Examination of the Phishing Campaign Targeting Japanese Brokerage Firms

A DNS Deep Dive into the LabHost PhaaS Infrastructure

New MITRE ATT&CK Groups for 2025: A DNS Deep Dive

Exploring the DNS Flipside of SideWinder

Global Domain Activity Trends Seen in Q1 2025

Attaxion Becomes the First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)

Unlocking the DNS Strongbox of BADBOX 2.0

Unearthing the DNS Roots of the Latest Lotus Blossom Attack

Detectify vs Intruder: External Attack Surface Management on a Budget

Rounding Up the DNS Traces of RA World Ransomware

Tempering Tax Season Troubles with DNS Intel

Decrypting the Inner DNS Workings of EncryptHub

View More