Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more
Two events, which made headlines in the digital world in 2016, will probably frame the Internet Governance Agenda for 2017. October 1, 2016, the US government confirmed the IANA Stewardship transition to the global multistakeholder community. November 2, 2016, the Chinese government announced the adoption of a new cybersecurity law which will enter into force on July 1, 2017. more
In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation's President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns. more
Since January 2016, discreet campaigns involving malware called Trojan.Odinaff have targeted a number of financial organizations worldwide, warned Symantec Security Response team on Tuesday. more
Bruce Schneier's recent blog post, "Someone is Learning How to Take Down the Internet", reported that the incidence of DDOS attacks is on the rise. And by this he means that these attacks are on the rise both in the number of attacks and the intensity of each attack. A similar observation was made in the Versign DDOS Trends report for the second quarter of 2015, reporting that DDOS attacks are becoming more sophisticated and persistent in the second quarter of 2016. more
The dividing line between developers and IT operations used to be distinct. Developers were responsible for adding new features securely, but it was IT operations who had responsibility for infrastructure and network security. For the most part, developers didn't have to think too much about the wider security context. With the advent of the cloud, and of devops, things changed radically. more
During the past few years, the International Telecommunication Union (ITU) has been a battleground where governments promote rival visions of how the Internet should be governed. Although there has been a recent cease-fire as Internet governance debates have focused more on the role of ICANN, those skirmishes may soon restart at the ITU... Co-authored by Ambassador Gross (chair of Wiley Rein's International & Internet Practice), Carl R. Frank, Umair Javed, and Sara M. Baxenberg (members of Wiley Rein's Telecom, Media & Technology Practice). more
What appears to be a leaked copy of the Burr-Feinstein on encryption back doors. Crypto issues aside -- I and my co-authors have written on those before -- this bill has many other disturbing features. (Note: I've heard a rumor that this is an old version. If so, I'll update this post as necessary when something is actually introduced.) One of the more amazing oddities is that the bill's definition of "communications" (page 6, line 10) includes "oral communication", as defined in 18 USC 2510. more
This post I've been pondering on for a long time, but never found the right angle and perhaps I still haven't. Basically I have these observations, thoughts, ideas and a truckload of questions. Where to start? With the future prospects of us all. Thomas Picketty showed us the rise of inequality. He was recently joined by Robert J. Gordon who not only joins Picketty, but adds that we live in a period of stagnation, for decades already. "All great inventions lie over 40 years and more behind us", he points out. more
What is the current state of DNSSEC deployment around the world and also in Africa? How can you deploy DNSSEC at a massive scale? What is the state of using elliptic curve crypto algorithms in DNSSEC? What more can be done to accelerate DNSSEC deployment? Discussion of all those questions and much more can be found in the DNSSEC Workshop streaming live out of the ICANN 55 meeting in Marrakech, Morocco, on Wednesday, March 9, from 9:00 to 15:15 WET. more
In a speech at the Internet Policy Research Initiative at MIT, British intelligence agency GCHQ director Robert Hannigan said Monday that law enforcement and intelligence officials want only targeted ways to stop what he called "abuse of encryption" by ISIS and other terrorists and criminals. more
Encryption is key to commerce online. Anything that weakens it is a threat to the digital economy, so the FBI vs Apple case is something that a lot of people are watching very closely... The most recent development is that Apple has filed "Motion to Vacate the Order Compelling Apple Inc. to Assist Agents in Search, and Opposition to the Government's Motion to Compel Assistance." Legal filings aren't light bedtime reading, but this one explores the legal issues as well as the privacy and security implications from multiple angles and underlines why this case is so important. more
Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
On Nov. 30 and Dec. 1, 2015, some of the Internet's Domain Name System (DNS) root name servers received large amounts of anomalous traffic. Last week the root server operators published a report on the incident. In the interest of further transparency, I'd like to take this opportunity to share Verisign's perspective, including how we identify, handle and react, as necessary, to events such as this. more
On Nov. 30 and Dec. 1, several of the Internet Domain Name System's root name servers received high rate of suspicious queries, reaching as high as 5 million queries per second, according to a report released by the Root Server System Advisory Council. The incident has been categorized as a unique type of DNS amplification attack. more
A World-Renowned Source for Internet Developments. Serving Since 2002.