Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Just in case you've been out of the country for the last 12 months, a new scourge is hitting the Internet and the world of email and it's called phishing. The Anti-Phishing Working Group defines phishing as identity theft "attacks using 'spoofed' e-mails and fraudulent Websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords..." According to various experts, the incidents of phishing are rising at an alarming rate: there were 13,000 unique phishing attacks in January alone - that's a 42 percent surge over the previous month. The real problem is that phishing works. more
A lawsuit filed by Meta has led to a significant decrease in phishing websites tied to the domain name registrar Freenom. Cybersecurity expert Brian Krebs in a report on Friday said that Freenom, which provides free domain name registration services, was a favored resource for cybercriminals due to its policy of protecting customer identities. more
Many years ago on my first trip to London, I encountered for the first time signs that warned pedestrians that vehicles might be approaching in a different direction than they were accustomed to in their home countries, given the left-versus-right-side driving patterns around the world. (I wrote a while back about one notable change from left-to-right, the Swedish "H Day," as a comment on the IPv6 transition.) more
Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. more
A significant rise has been detected in the use of malware aimed at harvesting consumer data, known as password stealers. more
This weekend Jari Arkko, Chair of the Internet Engineering Task Force (IETF), and Stephen Farrell, IETF Security Area Director, published a joint statement on the IETF blog titled: "Security and Pervasive Monitoring"... They go on to outline some of the IETF's general principles around security and privacy as well as some of the new developments. They also point out a vigorous (and still ongoing) discussion within the IETF around how to improve the security of the Internet in light of recent disclosures. more
Another contentious issue at the WCIT in Dubai is 'security'. There has been a dramatic increase in nervousness regarding a whole range of security issues, especially in relation to the internet. They include: SPAM, denial-of-service-attacks, identity theft, cybercrime, cyberwarfare, and privacy issues on social media. From the list above it is clear that some of these issues are related to content, while some can be classified as national security and others as criminal offences. In other words, there is no clear-cut issue on what constitutes security. more
DNS Security Extensions (DNSSEC) has been deployed for .COM, Internet's largest domain extension with more than 90 million registrations. The announced was made today by VeriSign, the registry operator for .COM. more
The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more
Global leaders gathered in New York at the Summit of the Future and adopted the "Pact for the Future" on Sunday 22nd September. This is a historic milestone as the Pact is the first international agreement aimed at securing a better digital future for all, grounded in human rights. The recent adoption of the "Pact for the Future" at the United Nations General Assembly marks a significant step toward revitalizing multilateral cooperation in an increasingly fragmented world. more
It is now out -- all 539 pages entitled "Declaratory Ruling, Report and Order, and Order" (Reversal Order). As someone who has dealt with this subject matter at a working level over the past 40+ years, it seems clear that the FCC will readily prevail here and the protagonists need to move on. (Admittedly that is wishful thinking given the appellate revenue to be made and press blather opportunities.) The document from a Federal Administrative Law perspective is very thorough and well-crafted. more
Microsoft has joined the Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society (ISOC) with the primary objective is to reduce the most common threats to the Internet's routing system. Microsft is the latest of a number of industry giants around the world - including Oracle, GÉANT, and Comcast - to join MANRS. more
ICANN's second level domain (SLD) blocking proposal includes a provision that a party may demonstrate that an SLD not in the initial sample set could cause "severe harm," and that SLD can potentially be blocked for a certain period of time. The extent to which that provision would need to be exercised remains to be determined. However, given the concerns outlined in Part 2 and Part 3 of this series, it seems likely that there could be many additions (and deletions!) from the blocked list given the lack of correlation between the DITL data and actual at-risk queries. more
In the midst of "Cyber Monday", the day traditionally seen as one of the year's busiest days for online shopping, it is only appropriate to examine the importance DNS plays for online economies. With DNS being at the heart of Internet connectivity it is easy to understand why DNS is important to the growing health of economies whose online health in dollars and euros rest in the billions. more
For years now, there have been calls for a high-level cybersecurity official, preferably reporting directly to the president. This has never happened. Indeed, there is a lot of unhappiness in some circles that President Obama has not appointed anyone as "czar" (or czarina), despite the early fanfare about the 60-day cybersecurity review. There are many reasons why nothing has happened... more
A World-Renowned Source for Internet Developments. Serving Since 2002.