Cybersecurity |
Sponsored by |
|
There is a classic scene in the movie, "Jaws," when Roy Scheider gets a look at the size of the shark circling his fishing vessel and says, "We're going to need a bigger boat." The same case can be made for CIOs dealing today with application security. Hackers from all over the world are circling business and government like great whites looking for vulnerabilities in Internet-facing applications. The growth of applications is great for doing business but they have become chum in the water for predators. more
In a seemingly never-ending row of news on hacks of websites now the news in which 2.3 million individual cases of privacy sensitive data were accessible through a leak in the websites of most public broadcasting stations in the Netherlands. To make the news more cheerful, the accessible data was, if compiled, sufficient to successfully steal a complete identity. What were thoughts that came to my mind after hearing this news on Friday? more
Most cloud DDoS mitigation services are offered on demand meaning that customers can enable the service when they are the victim of a DDoS attack. But how can a company find out -- quickly -- that it is under attack? Sometimes it is difficult to know. In this three part series, we will examine multiple monitoring tools companies can use to capture DDoS, which can help determine whether you are under a DDoS attack. more
Over at Word to the Wise, Laura Atkins has a post up where she talks about the real problem with ESPs and their lack of internal security procedures which resulted in the breach of many thousands of email addresses (especially Epsilon). However, Atkins isn't only criticizing ESP's lack of security but also the industry's response wherein they have suggested countermeasures that are irrelevant to the problem. more
Internet users are acutely aware of their exposure on the Internet and clearly concerned about their safety. Increased downloads of scareware as Conficker made headlines in the mainstream media are only the latest evidence. Desktop software is often viewed as a one-stop shop for fighting Internet threats such as viruses, worms and other forms of malware and phishing. These solutions have served us well but more protections are needed to address the dynamic and increasingly sophisticated web based exploits being launched... more
Reading Peter Olthoorn's book on Google (a link is found here), I ran into a passage on IP addresses. Where Google states that it does not see an IP address as privacy sensitive. An IP address could be used by more than one person, it claims. The Article 29 Working Party, the EU privacy commissioners, states that it is privacy sensitive as a unique identifier of a private person. It got me wondering whether it is this simple. Here is a blog post meant to give some food for thought and debate. I invite you to think about the question 'how private is an IP address'? more
Between December 10th and 11th 2015, the China Future Network Development and Innovation Forum, jointly hosted by the Chinese Academy of Engineering and the Nanjing Municipal Government, is scheduled to be held in Nanjing, Jiangsu, China. The forum will be jointly organized by Jiangsu Future Networks Innovation Institute and Beijing Internet Institute, with the theme of "Building future network test facilities and promoting network development & innovation", and it will invite nearly a hundred industrial experts at home and abroad, to establish a platform marked by security, innovation, openness, cooperation where the policy, industry, academics, and application are integrated. more
With each passing day, a new public opinion article appears or U.S. government official pronounces how the open internet is abetting some discovered catastrophic effects on our societal institutions. In just one week, the examples include increased information on FSB & GRU attacks on electoral systems and infrastructure, Trump's obliging tactical destruction of societal norms and propagation of the QAnon cult, U.S government agency officials playing "cyber security spin-the-bottle" at press conferences... more
In January 1995, the RFC Editor published RFC 1752: "The Recommendation for the IP Next Generation Protocol"... The Internet is a security officer's nightmare -- so much openness, so easy to capture packet traffic (and/or spoof it!) and send all manner of unwanted traffic. It was built as a research network, hosted by institutes that were 1/ professionally responsible and 2/ interested in working together collegially. So, in the 19 years since the publication of that statement, have we really failed to address the stated goal? more
Last week at Virus Bulletin in 2012, Tyler Moore of Southern Methodist University (SMU) gave a talk entitled "Measuring the cost of cyber crime." It was a study done in collaboration with multiple individuals in multiple countries. The study sought to answer this question - How much does cyber crime cost? Up until this point, nobody really knew. more
Two months ago, the Trump White House published its National Cyber Strategy. It was followed a few days ago with the release of its draft NSTAC Cybersecurity "moonshot." The Strategy document was basically a highly nationalistic America-First exhortation that ironically bore a resemblance to China's more global two-year-old National Cybersecurity Strategy. more
Have you ever wanted to quickly find out information on key Internet policy issues from an Internet Society perspective? Have you wished you could more easily understand topics such as net neutrality or Internet privacy? This year, the Internet Society has taken on a number of initiatives to help fill a need identified by our community to make Internet Governance easier to understand and to have more information available that can be used to inform policymakers and other stakeholders about key Internet issues. more
By design, the Internet core is stupid, and the edge is smart. This design decision has enabled the Internet's wildcat growth, since without complexity the core can grow at the speed of demand. On the downside, the decision to put all smartness at the edge means we're at the mercy of scale when it comes to the quality of the Internet's aggregate traffic load. Not all device and software builders have the skills - and the quality assurance budgets - that something the size of the Internet deserves. more
While at that same Virus Bulletin conference that I was talking about earlier in my other post, I also had the chance to check out a session on Chinese DDoS malware put on by some folks from Arbor Networks. As little insight as I have into Android malware, I know even less about Chinese DDoS malware. So what's Chinese DDoS malware like? What are its characteristics? more
An unprecedented disinformation campaign purposefully distorts what consumers and governments understand about the upcoming fifth generation of wireless broadband technology. A variety of company executives and their sponsored advocates want us to believe that the United States already has lost the race to 5G global market supremacy and that it can regain it only with the assistance of a compliant government and a gullible public. more
A World-Renowned Source for Internet Developments. Serving Since 2002.