Cybersecurity

 Sponsored
by

Cybersecurity / Featured Blogs

Searching for Truth in DKIM: Part 4 of 5

Mar 23, 2009

Once you've determined that you can trust the signer of a message, as we discussed in part 3, it's easy to extrapolate that various portions of the message are equally trustworthy. For example, when there's a valid DKIM signature, we might assume that the From: header isn't spoofed. But in reality, DKIM only tells us two basic things... more

Designing Secure Networks with Cisco Technology, Part 4

Mar 22, 2009

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more

IANA: A Tale of Two Fails

Mar 20, 2009

The IANA -- Internet Assigned Numbers Authority -- is, functionally, the boiler room of the Internet. Every protocol in use to shovel data from Tallahassee to Timbuktu? Listed there. IP addresses? They are the root from which all addresses flow. Domain names? They are the Source. The entire operation is chock-full of magic numbers, numbers that form and fuel the digital world we use daily. But there are other, lesser-known numbers... It is of PENs that I write today... more

Worming Our Way Out of Trouble

Mar 20, 2009

The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more

The DNSSEC Industry Coalition Meets to “Make It So”

Mar 18, 2009

The DNSSEC Industry Coalition conducted its first face to face meeting on Friday, March 13, 2009 at Google's Washington, DC office. Google's fun filled meeting room was packed with organizations that share a keen interest in DNS Security through the implementation of DNSSEC. more

How Hard Is It to Deploy DKIM?

Mar 17, 2009

It's coming up on two years since the DomainKeys Identified Mail (DKIM) standard was published. While we're seeing a certain amount of signed mail from Google, Paypal, and ESPs, there's still a long way to go. How hard is it to sign your mail with DKIM? The major hurdle might seem to be getting mail software that can sign outgoing mail. more

Searching for Truth in DKIM: Part 3 of 5

Mar 17, 2009

Last year, MAAWG published a white paper titled Trust in Email Begins with Authentication [PDF], which explains that authentication (DKIM) is “[a] safe means of identifying a participant-such as an author or an operator of an email service” while reputation is a “means of assessing their trustworthiness.”

 more

U.S. Cyber Security: Blurred Vision

Mar 17, 2009

It has been beaten, butted, and batted around quite a bit in the past few weeks -- let's look at a rough timeline of political issues which bring me to this point. Let's look at the power struggle (I prefer to call it confusion) in the U.S. Government with regards to "Cyber Security" -- in a nutshell. In the latter part of 2008, the U.S. House of Representatives Homeland Security Committee determined that DHS was not capable of providing proper critical infrastructure protection (and other Cyber protection capabilities) due to a number of issues. This may well be a political maneuver, or it may well actually have merit. more

  • By Fergie
  • Comments: 0
  • Views: 8,579

Recursive DNS and You

Mar 16, 2009

In the world of DNS, there are two types of DNS servers, 'recursion disabled' and 'recursion enabled'. Recursion disabled servers, when asked to resolve a name, will only answer for names that they are authoritative for. It will absolutely refuse to look up a name it does not have authority over and is ideal for when you don't want it to serve just any query. It isn't, however, very useful for domains you don't know about or have authority over... more

Searching for Truth in DKIM: Part 2 of 5

Mar 13, 2009

In part 1, we explained that the DKIM "d=" value identifies the domain name which signed the message, which may be a different domain name from the author of the message. Tying the signing and author domains together will require an additional standard: Author Domain Signing Practices (ADSP). In IETF parlance, the "author domain" is the domain name in the From: header, so ADSP is a way for the author domain to publish a statement specifying whether any other domain name should ever sign a message purporting to be From: that author domain... more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

Thoughts on RDRS for Brand Owners

  • By CSC
  • May 13, 2024

Unraveling the World of Security Data Aggregation

A DNS Investigation of the Typhoon 2FA Phishing Kit

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

View More