Cybersecurity

Increasingly Aggressive Russia, Cyberwarfare a Growing Threat to UK, Says MI5 Chief

"In the first newspaper interview given by an incumbent MI5 chief in the service's 107-year history, Andrew Parker said that at a time when much of the focus was on Islamic extremism, covert action from other countries was a growing danger. Most prominent was Russia," Ewen MacAskill and Paul Johnson reporting in The Guardian. more

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

The National Cybersecurity Center of Excellence (NCCoE) has invited comments on a draft practice guide to help organizations improve email security and defend against phishing, man-in-the-middle, and other types of email-based attacks. more

UK Raises Cybersecurity Spending to $2.3 Billion

Britain's finance minister on Tuesday announced government's new five year National Cyber Security Strategy, almost doubling the funding from its 2011 plan to 1.9 billion-pound ($2.3 billion). more

US DMCA Rules Updated - Now Legal to Hack Devices, Cars, Video Games, If Done in ‘Good Faith’

The U.S. government has released an updated version of the Digital Millennium Copyright Act (DMCA), adding a list of new exemptions that will protect cybersecurity professionals from prosecution over reverse-engineering of products for research purposes. more

New Technique Detects and Eliminates Abusive Domains at Time of Registration

A team of researchers from Princeton University and the University of California has developed a machine-learning algorithm named PREDATOR that can accurately establish domain reputation at the time of domain registration. more

The Effects of the Forthcoming FCC Privacy Rules on Internet Security

Last week, the Federal Communications Commission (FCC) announced new privacy rules that govern how Internet service providers can share information about consumers with third parties. One focus of this rulemaking has been on the use and sharing of so-called "Consumer Proprietary Network Information (CPNI)" - information about subscribers - for advertising. The Center for Information Technology Policy and the Center for Democracy and Technology jointly hosted a panel exploring this topic last May... more

Experts Concerned Over Looming Security Risks of Ultrasonic Cross-Device Tracking

In the upcoming Black Hat London presentation, security researcher from University College London, Vasilios Mavroudis and colleagues are going to describe and demonstrate the practical security and privacy risks that arise with the adoption systems enabled with ultrasonic cross-device tracking (uXDT). more

No Apparent Financial or Political Motivation Behind Dyn DDoS Attacks, Says Intelligence Firm

In an after-action analysis of the Mirai botnet attacks on Dyn, business intelligence firm, Flashpoint has assessed with "a moderate degree of confidence" that the perpetrators behind the attack were most likely not politically motivated, and most likely not nation-state actors. more

Taking a Closer Look at the Recent DDoS Attacks and What it Means for the DNS

The recent attacks on the DNS infrastructure operated by Dyn in October 2016 have generated a lot of comment in recent days. Indeed, it's not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways, this DNS DDOS prominence is for all the wrong reasons! I'd like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks. more

Amnesty International: Popular Mobile Apps Failing to Adopt Basic Privacy Protections

"Tech companies like Snapchat and Skype's owner Microsoft are failing to adopt basic privacy protections on their instant messaging services, putting users' human rights at risk," says Amnesty International. more

U.S. Federal Government Response Too Slow to Friday’s Internet Attack, Warns Cybersecurity Official

"We often refer to the Cuyahoga River in Cleveland that caught on fire over 20 times before we actually did something to introduce the Clean Water Act," says Allan Friedman, the director of cybersecurity initiatives for the Department of Commerce's National Telecommunications and Information Administration (NTIA), in conference call on Monday. more

U.S. Department of Transportation Issues Federal Cybersecurity Guidance to Automotive Industry

U.S. Department of Transportation issues Federal guidance to the automotive industry for improving motor vehicle cybersecurity. The guidance covers cybersecurity best practices for all motor vehicles, individuals and organizations manufacturing and designing vehicle systems and software. more

Security as a Major Factor for Online Consumers

There is no doubt that the number of online consumers is on a rise and that this is a trend that will not stop any time soon. Over the last couple of years, the number of digital buyers has grown by a steady 150 million each year. This number is expected to stay stable for a few more years to come. By 2020, about two billion people will be purchasing things online and making online money transactions on a regular basis. more

The Massive Cyberattack or Chronicle of a Strike Foretold

During the last Computer Law Conference organized by ADIAR (Argentina Computer Law Association) and the Universidad Nacional de Sur, I gave a conference on the Internet of Things, cybercrime and dangerous situation presented by the lack of proper regulation -- a topic in which I have one of my research projects. At the moment some people argued that I was talking about something that might happen in a relatively distant future, dissenting with my view that the possibility was imminent.. more

Over 3.2 Million Debit Cards May Have Been Compromised, Says National Payment Corporation of India

A total of 3.2 million debit cards across 19 banks may have been compromised as a result of a suspected malware attack. The breach, possibly largest of its kind in India, was confirmed by the National Payment Corporation of India (NPCI) in a statement today. more