Cybersecurity |
Sponsored by |
|
On April 16th at 11:00pm GMT, the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy. The spam messages claim to contain news concerning the Boston Marathon bombing, reports Craig Williams from Cisco. The spam messages contain a link to a site that claims to have videos of explosions from the attack. Simultaneously, links to these sites were posted as comments to various blogs. more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released new guidance concerning the reporting and disclosure of bugs that affect the Domain Name System, including information of how ICANN itself will behave in response to vulnerabilities. Until recently, ICANN, which is responsible for maintaining the root domain servers at the heart of the DNS system, had no specific guidelines for the reporting of vulnerabilities, leaving responsible disclosure protocols up to the researchers who discovered the bug. more
The headlines out of ICANN's meeting in Beijing may be all about new domains, but it is the quiet, systemic evolution of ICANN itself that holds the greatest promise for Internet users globally. ICANN President Fadi Chehadé opened the meeting by announcing that it was ICANN's "season to evolve," and setting forth a series of programs, restructuring efforts and policy initiatives intended to make ICANN more responsive to the needs of its stakeholders, and by extension, to the needs of all Internet users, everywhere in the world. more
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth. more
Neil Schwartzman writes to report that U.S. Cert issued Alert TA13-088A on Friday March 29, 2013. "It is a solid how-to guide to test for, and remediate DNS configurations that can be used for Distributed Denial of Service attacks." more
For those of you interested in IPv6 and/or DNSSEC, we'll have a live webcast out of the Internet Society's ION Singapore conference happening tomorrow, March 28, 2013, starting at 2:00pm Singapore time. more
Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers." more
ICANN has released a set of guidelines to explain its Coordinated Vulnerability Disclosure Reporting. The guidelines serve two purposes, says ICANN: "They define the role ICANN will perform in circumstances where vulnerabilities are reported and ICANN determines that the security, stability or resiliency of the DNS is exploited or threatened. The guidelines also explain how a party, described as a reporter, should disclose information on a vulnerability discovered in a system or network operated by ICANN." more
As noted in my first article of this series (see part one, two and three), security and reliability encompass holistic network assessments, vulnerability assessments and penetration testing. This month I'd like to go deeper into penetration testing; however, first, let's go back for a quick refresh before getting started. more
Building on my last article about Network Assessments, let's take a closer look at vulnerability assessments. (Because entire books have been written on conducting vulnerability assessments, this article is only a high level overview.) What is a vulnerability assessment? more
This post was co-authored by Sarah McKune, a senior researcher at the Citizen Lab. Public attention to the secretive world of cyber espionage has risen to a new level in the wake of the APT1: Exposing One of China's Cyber Espionage Units report by security company Mandiant. By specifically naming China as the culprit and linking cyber espionage efforts to the People's Liberation Army, Mandiant has taken steps that few policymakers have been willing to take publicly, given the significant diplomatic implications. more
As noted in the first part of this series, Security and Reliability encompasses holistic network assessments, vulnerability assessments, and penetration testing. In this post I'd like to go deeper into network assessments. I stated last time that the phrase "network assessment" is broad. more
I co-authored a book in 2005, titled "Extreme Exploits: Advanced Defenses Against Hardcore Hacks." My chapters focused on securing routing protocols such as BGP, and securing systems related to DMZs, firewalls, and network connectivity. As I look back over those chapters, I realize that the basic fundamentals of network security really haven't changed much even though technology has advanced at an incredible pace. "Defense in depth" was a hot catch phrase seven years ago, and it still applies today. more
In the first part of this trilogy, I discussed the importance of automatically provisioned second generation DNS in connection with Software Defined Networking (SDN) and Software Defined Data Centre (SDDC). In the second post, I talked about IP addressing, private enterprise networks, and how DHCP does not meet the requirements of multitenant Infrastructure-as-a-Service (IaaS) cloud environments. I will now wrap up this trilogy by putting these two thesis into real-life context. more
In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more