Cybersecurity |
Sponsored by |
|
On January 8, 2013, a Judge from the United States District Court in Texas ruled against a high school sophomore's refusal to wear a smart identity card embedded with a radio frequency chip which is part of the school's smart ID card student locator project. The Judgment show the Testimonies of Superintendent and the Principal in stating that the sensors do not give exact readings nor are they able to pinpoint the exact location of the students. more
On Friday 11 January 2013 the European Cybercrime Centre, EC3, officially opened its doors at Europol in The Hague. If something shone through from the speeches of the panel participants, it is that there are tight budget restraints and a strong wish to cooperate with the U.S., the Interpol centre in Singapore and Russia. Let me share my thoughts on expectations. more
Here are the top ten most popular news, blogs, and industry updates featured on CircleID during 2012 based on the overall readership of the posts for the past 12 months. Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2013. more
In general, a network firewall is just a traffic filter... Filtering rules can be anything from "allow my web server to hear and answer web requests but not other kinds of requests" to "let my users Ping the outside world but do not let outsiders Ping anything on my network." The Internet industry has used firewalls since the mid-1980's and there are now many kinds, from packet layer firewalls to web firewalls to e-mail firewalls. Recently the DNS industry has explored the firewall idea and the results have been quite compelling. In this article I'm going to demonstrate a DNS firewall built using RPZ (Response Policy Zones) and show its potential impact on e-mail "spam". more
Throughout the second half of 2012 many security folks have been asking "how much is a zero-day vulnerability worth?" and it's often been hard to believe the numbers that have been (and continue to be) thrown around. For the sake of clarity though, I do believe that it's the wrong question... the correct question should be "how much do people pay for working exploits against zero-day vulnerabilities?" more
It is midnight in Dubai and I am listening to the final readings of the International Telecommunication Regulations (ITR). This instrument is the final output of two weeks of negotiations at the World Conference on International Telecommunication (WCIT), a gathering of the world's nations to update the the ITRs. The Chair goes through the document article by article, section by section, and with each passing "thank you", this Conference draws to a close. Many in the room are elated. more
Please share this post. After a tragedy, many of us want to donate to funds and charities to show our support for a community. However, scam charities immediately pop up, looking to steal your well intentioned donations. There are at least 30 newly-registered domains over the past 48 hours related to the tragic shootings at the Sandy Hook elementary school in Connecticut: Most, if not all are scams and rip-offs. How then, to donate so that your funds make it to the deserving victims? more
Distributed denial-of-service (DDoS) attacks that targeted U.S. financial institutions this week have reached 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks. more
Yesterday, in my post on three new threats in one day, I posed the question whether it was necessary to develop regulations that would set a minimum standard on cyber security for devices that connect to the Internet. I'm having second thoughts here, which I'll explain in this post, but also try to look at a way forward and ask you to engage. more
Another contentious issue at the WCIT in Dubai is 'security'. There has been a dramatic increase in nervousness regarding a whole range of security issues, especially in relation to the internet. They include: SPAM, denial-of-service-attacks, identity theft, cybercrime, cyberwarfare, and privacy issues on social media. From the list above it is clear that some of these issues are related to content, while some can be classified as national security and others as criminal offences. In other words, there is no clear-cut issue on what constitutes security. more
SANS has announced NetWars CyberCity, a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. NetWars CyberCity was developed to teach cyber warriors from the U.S. Military how online actions can have kinetic effects. more
Security researchers have found a new variant of the Macadocs malware to be using Google docs as a proxy server and not connecting to a command and control server directly. In a blog post on Friday, Symantec researcher Takashi Katsuki, wrote... more
In February 2012, Neustar surveyed IT professionals across North America to better understand their DDoS experiences. Most were network services managers, senior systems engineers, systems administrators and directors of IT operations. In all, 1,000 people from 26 different industries shared responses about attacks, defenses, ongoing concerns, risks and financial losses. more
Starting in mid-September, one of the largest and most sophisticated DDoS attacks ever targeted the titans of American banking. Initially, victims included Bank of America, JPMorgan Chase, Wells Fargo, PNC Bank, and U.S. Bancorp. In the weeks to come, others would also feel the pain. Websites crashed, customers were unable to make transactions and IT professionals and PR gurus went into panic mode. Leon Panetta, U.S. Secretary of Defense, said the attacks foreshadowed a "Cyber Pearl Harbor." more
If there's one simple - high impact - thing you could do to quickly check whether your network has been taken over by a criminal entity, or uncover whether some nefarious character is rummaging through your organizations most sensitive intellectual property out of business hours, what would it be? In a nutshell, I'd look to my DNS logs. It's staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers. more
A World-Renowned Source for Internet Developments. Serving Since 2002.