Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
BGP. Border Gateway Protocol. The de-facto standard routing protocol of the Internet. The nervous system of the Internet. I don't think I can overstate the importance, the criticality of BGP to the operation of the modern Internet. BGP is the glue that holds the Internet together at its core. And like so many integral pieces of the Internet, it, too, is designed and built on the principle of trust... The folks who operate the individual networks that make up the Internet are generally interested in keeping the Internet operating, in keeping the packets flowing. And they do a great job, for the most part. more
We are suffering an epidemic of cyberattacks while in a viral pandemic. This post is for those who have responsibility for assuring that the IT-based services offered by their enterprise can quickly recover in the case of successful cyber-attack or other disaster. University of Vermont Medical Center (UVMMC) is an excellent hospital. I owe my life to treatment there and am grateful for both the skill and the kindness of UVMMC staff. They have been devastated by a cyber-attack. more
Fallen into the wrong hands, corp.com can be an extremely dangerous domain name providing a doorway to hundreds of thousands of corporate PCs. more
Earlier this week, I came across a working paper from Professor Peter Swire - a highly respected attorney, professor, and policy expert. Swire's paper, entitled "Online Privacy and ISPs", argues that ISPs have limited capability to monitor users' online activity. The paper argues that ISPs have limited visibility into users' online activity for three reasons: (1) users are increasingly using many devices and connections, so any single ISP is the conduit of only a fraction of a typical user's activity; (2) end-to-end encryption is becoming more pervasive, which limits ISPs' ability to glean information about user activity; and (3) users are increasingly shifting to VPNs to send traffic. more
UK government today announced the release of a new cyber security standard for self-driving vehicles. Funded by the Department for Transport, the British Standards Institute has developed the guidance to set a marker for those developing self-driving car technologies. more
The distribution and installation of malicious and unauthorized software has evolved consistently throughout the 21st Century. The evolutionary path from annoying viruses, to destructive malware and on to financially driven crimeware, is well documented and can even be conveniently traced via the parallel evolution of technologies that were designed to counter each new aspect of the then contemporary threat. more
The recent attacks on the DNS infrastructure operated by Dyn in October 2016 have generated a lot of comment in recent days. Indeed, it's not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways, this DNS DDOS prominence is for all the wrong reasons! I'd like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks. more
Last month at the Virus Bulletin Conference in Barcelona, I took in one of the sessions on mobile malware. This type of malware is foreign to me because I mostly stay in the email space at work (and even then, I am focusing more on day-to-day issues of running a large mail provider than I am on spam and abuse). What's mobile malware like? What are the threats? How do users get infected? more
"As flood waters from Tropical Storm Irene swamped the Waterbury state office complex, seven employees from the Vermont Agency of Human Services rushed inside to rescue computer servers that are critical for processing welfare checks and keeping track of paroled prisoners living around the state," according to a story by Shay Totten on the 7days blog Blurt. Two of the employees - network administrator Andrew Matt and deputy chief information officer Darin Prail - lost their cars in the parking lot as the river rose but kept on working to assure that our servers were not lost. "We didn't know how much time we had," Matt said, "and our job was to save the servers." more
By any metric, the queries and responses that take place in the DNS are highly informative of the Internet and its use. But perhaps the level of interdependencies in this space is richer than we might think. When the IETF considered a proposal to explicitly withhold certain top-level domains from delegation in the DNS the ensuing discussion highlighted the distinction between the domain name system as a structured space of names and the domain name system as a resolution space... more
The recent attack on the Comodo Certification Authority has not only shown how vulnerable the current public key infrastructure is, but also that the protocols (e.g., OSCP) used to mitigate these vulnerabilities once exploited, are not in use, not implemented correctly or not even implemented at all. Is this the beginning of the death of the PKI dragons and what alternatives do we have? more
This is the fundamental question that the Internet Society is posing through the report just launched today, our 2017 Global Internet Report: Paths to Our Digital Future. The report is a window into the diverse views and perspectives of a global community that cares deeply about how the Internet will evolve and impact humanity over the next 5-7 years. We couldn't know what we would find when we embarked on the journey to map what stakeholders believe could shape the future of the Internet... more
The COVID-19 pandemic has led to the rapid migration of the world's workforce and consumer services to virtual spaces, has amplified the Internet governance and policy issues including infrastructure, access, exponential instances of fraud and abuse, global cooperation and data privacy, to name but a few. The need for practical, scalable and efficient solutions has risen dramatically. more
As hacking groups such as Anonymous and LulzSec continue to make headlines, many of us in the Information Security field can only sit back and shake our heads. The large number of successful system breaches, web site defacements, and the publication of confidential data is not at all surprising, and for the most part was only a matter of time. more
US prosecutors have charged two Romanians with hacking Washington DC police computers linked to surveillance cameras just days before President Donald Trump's inauguration. more
A World-Renowned Source for Internet Developments. Serving Since 2002.