Cybersecurity |
Sponsored by |
|
The Internet was not originally designed as a single network that serviced much of the world's digital communications requirements. Its design was sufficiently flexible that it could be used in many contexts, including that of small network domains that were not connected to any other domain, through to large diverse systems with many tens of thousands of individual network elements. If that is indeed the case, then why is it that when networks wish to isolate themselves from the Internet, or when a natural calamity effectively isolates a network, the result is that the isolated network is often non-functional. more
In defining what is meant by "Internet Fragmentation" it is useful to briefly describe what is meant by its opposite, an "Open and Coherent Internet". As we've explored in the previous section, "coherence" implies that each of the elements of the Internet are orchestrated to work together to produce a seamless Internet which does not expose the boundaries between discrete elements. more
Federal databases, such as those being compiled by the Consumer Financial Protection Bureau and the Federal Trade Commission, contain data about many people and businesses. Although some of this data may be protected personal information (PPI), there is also extensive information in federal databases that is publicly disseminated via the internet. If the information is wrong, it has the potential to be a vector of tortious mischief. more
On Thursday, Oct 1, 2015, from 9:30am-4:30pm US EDT (UTC-4), Dyn will be holding their "TechToberFest" event in Manchester, NH, and also streaming the video live for anyone interested. There are a great set of speakers and a solid agenda. As I wrote on the Internet Society blog, I'll be part of the security panel from 3-4pm US EDT... and we who are on the panel are excited to participate just for the conversation that we are going to have! It should be fun! more
Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. more
The primary means of authentication on the Internet is the password -- a half-century old, shared secret mechanism that is difficult to use (especially on mobile devices) and has acknowledged security flaws including attacks at scale. Even so, passwords remain the most prevalent form of authentication with efforts to enhance security typically relying on "bolt on" solutions that increase user friction. more
Senior U.S. and Chinese officials concluded a four day meeting on Saturday discussing cyber security issues ahead of Chinese President Xi Jinping's visit to Washington later this month. more
If this past quarter's stories are any indication, we could very well be seeing the rise of a new wave of threats that will affect people in a more pronounced and physical level, reports Trend Micro in its Q2 Security Roundup Report. more
Ubiquiti Networks Inc., a San Jose based maker of networking technology, has disclosed that cyber criminals stole $46.7 million via a "business email compromise fraud involving employee impersonation." more
Usernames/email addresses and encrypted passwords for profile accounts created on the ICANN.org public website have been obtained by an unauthorized person, the Internet Corporation for Assigned Names and Numbers announced Wednesday night. more
In my last blog post I shared some of the general security challenges that come with the Internet of Things (IoT). In this post, I will focus on one particular security risk: distributed denial of service (DDoS) attacks. Even before the age of IoT, DDoS attacks have been turning multitudes of computers into botnets, attacking a single target and causing denial of services for the target's users. By "multitudes" we can be talking about thousands or even millions of victim devices. Now add IoT into the equation... more
Shadow IT -- the use of unsanctioned software and services by employees -- is a problem. It's a big one. According to Forbes, 72 percent of executives don't know how many "shadow" apps are being used on their network. Beyond overloading network resources and impacting data compliance, there is also the real threat of security breaches from unapproved apps. Managing IT you can't see is no easy task, but fortunately it's not impossible. Here are five tips to help bring light to the shadows. more
Over the last few years I've been hearing some people claim that botnets are the real spam problem and that if you can find a sender then they're not a problem. Much of this is said in the context of hating on Canada for passing a law that requires senders actually get permission before sending email. Botnets are a problem online. They're a problem in a lot of ways. They can be used for denial of service attacks. They can be used to mine bitcoins... more
Today the Internet Technical Advisory Committee (ITAC) to the OECD published the fifth edition of its newsletter. The ITAC was created in 2009 following the OECD's Seoul Ministerial with the objective to provide Internet technical and policy expertise to the work of the OECD on Internet-related issues. This informal group is coordinated by the Internet Society and currently counts 28 members active in domains such as open Internet/Web standards development, interconnection, IP addressing, security or privacy. more
Unlike consultant-led penetration testing, periodic or continual vulnerability scanning programs have to operate harmoniously with a corporation's perimeter defenses. Firewalls, intrusion prevention systems, web proxies, dynamic malware analysis systems, and even content delivery networks, are deployed to protect against the continuous probes and exploit attempts of remote adversaries -- yet they need to ignore (or at least not escalate) similar probes and tests being launched by the managed security service providers an organization has employed to identify and alert upon any new vulnerabilities within the infrastructure or applications that are to be protected. more
A World-Renowned Source for Internet Developments. Serving Since 2002.