Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The Wall Street Journal has an interview with the outgoing head of the FBI's cyber crime investigation Shawn Henry. In it, he has a blunt assessment of the US's capabilities when it comes to combatting online crime, especially data theft and hacking... The more I read around the Internet, the more clear it's becoming at how cyber security is becoming a central focus. This has pretty big implications for the cloud. more
DNSSEC is increasingly adopted by organizations to protect DNS data and prevent DNS attacks like DNS spoofing and DNS cache poisoning. At the same time, more DNS deployments are using proprietary DNS features like geo-routing or load balancing, which require special configuration to support using DNSSEC. When these requirements intersect with multiple DNS providers, the system breaks down. more
This morning, Global Payments held a conference call with investors and analysts covering their earlier breach announcement and projected earnings. Global Payments had also released an update advisory yesterday stating that "the company believes that the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers have been exported" and that only Track 2 card data may have been stolen. more
Microsoft continues to integrate new artificial intelligence technology into its products and today announced a cybersecurity "copilot" to help companies track and defend against hacking attempts. This tool is part of Microsoft's attempt to dominate the fast-growing field of "generative" AI. more
If approved, the code would technically be voluntary for Canadian ISPs, but the active involvement of government officials suggests that most large providers would feel pressured to participate. The move toward an ISP code of conduct would likely form part of a two-pronged strategy to combat malicious software that can lead to cybercrime, identity theft, and other harms. First, the long-delayed anti-spam legislation features new disclosure requirements for the installation of software along with tough penalties for non-compliance. more
It has been a very busy period in the domain of computer security. With "shellshock", "heartbleed" and NTP monlink adding to the background of open DNS resolvers, port 445 viral nasties, SYN attacks and other forms of vulnerability exploits, it's getting very hard to see the forest for the trees. We are spending large amounts of resources in reacting to various vulnerabilities and attempting to mitigate individual network attacks, but are we making overall progress? What activities would constitute "progress" anyway? more
We're learning this week that we have officially passed the one billion number in terms of people using the Internet. Eric Schonfeld writes in his article on TechCrunch that the number is probably higher than that. One billion is a staggering number, even though it makes up only 15 to 22 percent of the world's population. Nevertheless, those one billion Internet users give us a lot to deal with on their own in terms of social and security issues on the web. more
In case you haven't been watching cyber news recently, last week various security researchers published that Macs were infected by the Flashback Trojan and that the total number of infections worldwide was 600,000. This number was published by a couple of blogs. I debated writing about this topic since we had a previous Mac outbreak last year that initially spiked up, caused Apple to go into denial about the affair before issuing a fix, and then the malware kind of went away. Will this follow the same pattern? more
In the sci-fi movie Minority Report, a 'precrime' police unit relies on the visions of psychics to predict future crimes, then arrests the potential perpetrators before they do anything wrong. In the world of Internet governance, the future is now, as regulators want online services to predict and prevent safety threats before they actually occur. more
UK registry Nominet has enabled the deployment of domain name system security extensions (DNSSEC) for 9.4 million second level .uk domains. Completing the rollout represents over a year's work and marks an important milestone in making the web a more trusted environment for UK consumers and businesses, says Nominet, which is responsible for running the .uk internet infrastructure. more
Bruce Schneier is a famous cryptography expert and Orin Kerr a famous cyberlaw professor. Together they've published a law journal article on Encryption Workarounds. It's intended for lawyers so it's quite accessible to non-technical readers. The article starts with a summary of how encryption works, and then goes through six workarounds to get the text of an encrypted message. more
Cyber crime = crime. How do we make police forces understand this and how to get it prioritized? In this series of blogs I am looking into whether aggregating data can change the way cyber crime is approached and prioritized. At a seminar at the IT Security trade fair in Utrecht detective super intendant Charlie McMurdie, head of the cyber crime unit of the London Metropolitan police, said that cyber crime was recently prioritized by the UK government. She also said the following and I'm allowed to quote this... more
In my recent CircleID post, DNS, Domain Names, and Certificates: The Missing Links in Most Cybersecurity Risk Postures, I highlighted the importance of applying multiple layers of defense to secure these business-critical assets. Last Friday, Brian Krebs, the world-renowned cybersecurity journalist, reiterated the criticality of domain name security because the domain name "e-hawk.net" was stolen from the rightful owner using social engineering tactics targeting its domain name registrar. more
On Wednesday 16 March the Serious Organised Crime Agency organised a meeting in London with the RIPE NCC. For the second time law enforcers from the whole world met with the RIPE NCC and RIPE community representatives to discuss cooperation. RIPE NCC staged several very interesting presentations that showed the LEAs the importance of the work done within RIPE and ARIN, the information RIPE NCC has and the relevance of all this to LEAs. Also issues were addressed that can potentially be harmful to future investigations. more
The German digital association, Bitkom, recently announced that the cost of IT equipment theft, data breaches, digital and industrial espionage, and sabotage is expected to reach a staggering 206 billion euros ($224 billion) in 2023. more
A World-Renowned Source for Internet Developments. Serving Since 2002.