Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
An international group of more than 360 cyber threat intelligence researchers from over 40 countries have joined forces to help the medical sector amid the COVID-19 crisis. more
Global Payments, an Atlanta-based payment card processing firm, announced yesterday that they had suffered "unauthorized access into a portion of its processing system". Sometime in early March they uncovered the attack, and there are some indications that the breach occurred between January 21st and February 25th of this year... There are a number of unverified reports that a New York City street gang with Central American ties took control of "an administrative account that was not protected sufficiently". more
Wow. It's out. It's finally, finally out... So there's a bug in DNS, the name-to-address mapping system at the core of most Internet services. DNS goes bad, every website goes bad, and every email goes...somewhere. Not where it was supposed to... I'm pretty proud of what we accomplished here. We got Windows. We got Cisco IOS. We got Nominum. We got BIND 9, and when we couldn't get BIND 8, we got Yahoo, the biggest BIND 8 deployment we knew of, to publicly commit to abandoning it entirely. It was a good day... more
According to reports, the majority of the U.S. federal domains have met the deadline to adopt an email authentication program to prevent fake emails from being sent. more
The emergence and proliferation of Internet of Things (IoT) devices on industrial, enterprise, and home networks brings with it unprecedented risk. The potential magnitude of this risk was made concrete in October 2016, when insecure Internet-connected cameras launched a distributed denial of service (DDoS) attack on Dyn, a provider of DNS service for many large online service providers (e.g., Twitter, Reddit). Although this incident caused large-scale disruption, it is noteworthy that the attack involved only a few hundred thousand endpoints... more
Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more
Internet Security is a topic that has drawn a lot of attention over the past year. As awareness grows that cooperation is necessary, it dawns on people that there are many and very different stakeholders involved, stakeholders that may never have met before. Let alone have cooperated. An example of an approach is the National Cyber Security Council (NCSC) that was installed in The Netherlands on 30 June. This is a high level council that will give advice to public as well as private entities on how to better secure themselves and society at large against cyber attacks and how to become more resilient. However, without the right approach it is doomed to become a talking shop. more
Sender Address Validation and Authentication (SAVA) is the silver bullet. It will send to Cyberia all dark forces that make us shiver when we make a purchase on the internet, pose a threat to our very identities and have made DDoS a feared acronym. Some of you will remember the heated debates when Calling Line Identification (CLID) was first introduced in telephony. Libertarians of all stripes called passionately to ban such an evil tool... more
In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If however, you are out there focused on your day to day running or managing a DNS infrastructure... more
The Internet and the domain name system (DNS) have become the mainstay of the new COVID sheltered world. Afilias looked at registrations in the unrestricted domain name space, with a special focus on the popular .INFO, .PRO, .MOBI and .IO domain name extensions. The data shows that the number of website and domain registrations related to COVID and Coronavirus in these extensions is flattening after a surge in March. more
In part 1, we explained that the DKIM "d=" value identifies the domain name which signed the message, which may be a different domain name from the author of the message. Tying the signing and author domains together will require an additional standard: Author Domain Signing Practices (ADSP). In IETF parlance, the "author domain" is the domain name in the From: header, so ADSP is a way for the author domain to publish a statement specifying whether any other domain name should ever sign a message purporting to be From: that author domain... more
Unlike consultant-led penetration testing, periodic or continual vulnerability scanning programs have to operate harmoniously with a corporation's perimeter defenses. Firewalls, intrusion prevention systems, web proxies, dynamic malware analysis systems, and even content delivery networks, are deployed to protect against the continuous probes and exploit attempts of remote adversaries -- yet they need to ignore (or at least not escalate) similar probes and tests being launched by the managed security service providers an organization has employed to identify and alert upon any new vulnerabilities within the infrastructure or applications that are to be protected. more
Every now and again a report flies across the network about the police breaking down someone's door and attempting to arrest the home owner for bad things online - assuming that whatever happened from that person's Internet connection is their fault. Now there are lots of problems with this - lots of problems. But one of the big ones is that anyone can access an open access point... more
Communications will be one of the most critical areas during the London Olympic Games. The industry is working to establish shared access networks -- would it not be nice if they did this everywhere, all the time? They are also working very closely with British Olympic Association, London Transport, the broadcasters and content providers. Mobile coverage will be the biggest shared infrastructure in the world. more
It is a safe assumption that if you are reading this post, you like technology. If that is the case, then you understand the tremendous economic, cultural, and human rights benefits an open, universal, and free Internet provides. That freedom is under attack. And it is our responsibilities, as stakeholders in a successful Internet, to balance governments and have an open dialog on the topic. more
A World-Renowned Source for Internet Developments. Serving Since 2002.