Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
In 2012 I wrote a blog on CircleID called State hacking: Do's and don'ts, pros and cons. In this post I give some thoughts to the concept of a government "hacking back" at criminals. The reason for this was an announcement by the Dutch government that it contemplated law along these lines. The proposed law is now here: the Act Computer Criminality III. more
This post was co-authored by Yixin Sun, Annie Edmundson, Henry Birge-Lee, Jennifer Rexford, and Prateek Mittal. In this post, we discuss a recent thread of research that highlights the insecurity of Internet services due to the underlying insecurity of Internet routing. We hope that this thread facilitates important dialog in the networking, security, and Internet policy communities to drive change and adoption of secure mechanisms for Internet routing. more
The dividing line between developers and IT operations used to be distinct. Developers were responsible for adding new features securely, but it was IT operations who had responsibility for infrastructure and network security. For the most part, developers didn't have to think too much about the wider security context. With the advent of the cloud, and of devops, things changed radically. more
Akamai releases its Third Quarter, 2016 State of the Internet / Security Report, providing analysis of the current cloud security and threat landscape, including insight into two record setting DDoS attacks caused by the Mirai botnet. more
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies.... "Wisdom consists in being able to distinguish among dangers and make a choice of the least harmful." That quote is quite possibly the most accurate depiction possible of the never-ending struggle between network security and corporate budget. Providing a mechanism to defend the enterprise network from every conceivable threat is impossible in terms of both technology and funding. more
It is one thing to bring broadband internet to the masses, but how do we make them drink from the fountain of knowledge? One of the challenges, of course, is that the industry has not yet sold turn-key applications that capture the imaginations of the unconnected. Surprising as it seems, email, Facebook, file swapping and web surfing have not yet attracted 100% of the population. Are there some applications that might lend themselves to a toll-free model in order to reach the rest of the market? more
The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more
In the wake of increasingly lenient bring your own device (BYOD) policies within large corporations, there's been a growing emphasis upon restricting access to business applications (and data) to specific geographic locations. Over the last 18 months more than a dozen start-ups in North America alone have sprung up seeking to offer novel security solutions in this space - essentially looking to provide mechanisms for locking application usage to a specific location or distance from an office, and ensuring that key data or functionality becomes inaccessible outside these prescribed zones. more
Mobile networks aren't usually thought of as sources of spam, but a quick look at some of the resources that track spam reveals they actually are. This is counter intuitive at first glance because when most people think of mobile they think of smartphones, and those aren't known to be sources of spam (at least not yet). What's really going on is PCs connected to mobile networks with air cards, or tethered with a smartphone where it's permissible, are the culprits more
The Biden administration is investigating China Mobile, China Telecom, and China Unicom over concerns that these companies could potentially exploit their access to U.S. data through their cloud and internet services, potentially sharing this data with the Chinese government. more
The ACPA and the UDRP provide two separate and distinct methods for resolving domain name disputes. Both alternatives have many critics and proponents, but the true value of each will ultimately be determined by how well each combats cyber-squatting. Separately, the UDRP and the ACPA will probably work well to defuse most of the cyber-squatting that is currently invading the Internet. If combined together the UDRP and the ACPA can be a cost saving and effective way to prevent cybersquatting... more
NordVPN, a leading VPN service provider, has unveiled its first application featuring quantum-resilient encryption – a significant advancement in cybersecurity. Post-quantum cryptography support is currently available on NordVPN’s Linux client, with plans to extend this enhanced security to all applications by early 2025. more
Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more
As the autumn leaves fall from naked trees to be trampled or encased in the winter snow, it reminds us of another year quickly gone by. Yet, for organisations that were breached and publicly scrutinised for their security lapses, it's been a long and arduous year. It was about this time last year that the news broke of Target's mega breach. Every news outlet was following the story and drip feeding readers with details, speculation and "expert opinion" on what happened, why it happened and who did it. more
As cyber security as a field has grown in scope and influence, it has effectively become an 'ecosystem' of multiple players, all of whom either participate in or influence the way the field develops and/or operates. It's increasingly evident that, more than ever, it is crucial for those players to collaborate and work together to enhance the security posture of communities, nations and the globe. more
A World-Renowned Source for Internet Developments. Serving Since 2002.