Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies.... "Wisdom consists in being able to distinguish among dangers and make a choice of the least harmful." That quote is quite possibly the most accurate depiction possible of the never-ending struggle between network security and corporate budget. Providing a mechanism to defend the enterprise network from every conceivable threat is impossible in terms of both technology and funding. more
Today the Internet Technical Advisory Committee (ITAC) to the OECD published the fifth edition of its newsletter. The ITAC was created in 2009 following the OECD's Seoul Ministerial with the objective to provide Internet technical and policy expertise to the work of the OECD on Internet-related issues. This informal group is coordinated by the Internet Society and currently counts 28 members active in domains such as open Internet/Web standards development, interconnection, IP addressing, security or privacy. more
I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more
The European Union (EU) has set a high bar by tackling domain name system (DNS) abuse head on via government regulation and seems to have successfully resisted attempts to water down DNS stewardship obligations. Recent guidance from a key European Commission cooperation group (the NIS Cooperation Group) handling sections of the Network and Information Security Directive (NIS2) intends for a robust implementation of Article 28, which will go a long way toward helping to mitigate some of the longstanding problems that persist in the DNS. more
Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more
The Canadian Internet Registration Authority (CIRA) for the .ca country code Top-Level Domain yesterday announced the launch of a test-bed initiative for DNSSEC. CIRA’s Chief Information Officer, Norm Ritchie who made the official announcement at the SecTor security conference in Toronto, says it began the process of implementing DNSSEC in early 2009 and the implementation date is set for 2010. So far, over 15 Top-Level Domains have already deployed DNSSEC including dot-gov and dot-org. more
As cyber security as a field has grown in scope and influence, it has effectively become an 'ecosystem' of multiple players, all of whom either participate in or influence the way the field develops and/or operates. It's increasingly evident that, more than ever, it is crucial for those players to collaborate and work together to enhance the security posture of communities, nations and the globe. more
A web domain name is the foundational piece of internet property allowing its owner (registrant) to construct and host an associated website. On a domain, the owner is also able to construct whatever subdomains they wish -- a process that is technically achieved via the configuration of records on the authoritative domain name system (DNS) server. more
During the 4th quarter of 2014, a record number of malware variants were detected -- an average of 255,000 new threats each day, according a recent report by Anti-Phishing Working Group (APWG). The group further reports that the number of unique phishing reports submitted to APWG during Q4 was 197,252 -- an increase of 18 percent from the 163,333 received in Q3 of 2014. more
Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more
Major US bank Capital One Financial Corporation confirmed Monday evening that unauthorized access was made by an outside individual who obtained "certain types of personal information" on credit card products and Capital One credit card customers. more
The Internet is chock full of really helpful people and autonomous systems that silently probe, test, and evaluate your corporate defenses every second of every minute of every hour of every day. If those helpful souls and systems aren't probing your network, then they're diligently recording and cataloguing everything they've found so others can quickly enumerate your online business or list systems like yours that are similarly vulnerable to some kind of attack or other. more
The Biden administration is investigating China Mobile, China Telecom, and China Unicom over concerns that these companies could potentially exploit their access to U.S. data through their cloud and internet services, potentially sharing this data with the Chinese government. more
It appears people, governments, regulators and legislators worldwide may have forgotten Facebook's complicit involvement with Cambridge Analytica (CA). It is possible that new priorities such as the Covid-19 pandemic in 2020 may have pre-occupied them, and rightly so. But an unprecedented data breach in 2019 unfolded this weekend, bringing a recurring nightmare of the past back into today's reality. more
A World-Renowned Source for Internet Developments. Serving Since 2002.