Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
As with any high-stakes event, elections have become a prime target for cybercriminals seeking to exploit public trust through impersonation, misinformation, and scams. CSC's comprehensive research about the 2024 U.S. Election reveals the alarming role of dormant domains, which have the potential to be exploited for launching cyber attacks against political campaigns, organizations, and constituents. more
BP and the Oil Industry are taking a lot of heat these days - much of it rightly so. Moving beyond the drama and evaluating the overall response of BP and others reinforces much of what is taught in incident response training and preparation... by showing the outcomes when one does not respond well. This is probably the most important incident that the responders involved will deal with in their professional lives. For those of us working to protect Internet Infrastructure and resources there are useful lessons as we consider what is happening in the Gulf of Mexico and their response effort. more
Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this one it's not going to help. If your OS is secure, you don't need the crypto; if it's not, the crypto won't protect your data. In a case like the Anthem breach, the really sensitive databases are always in use. more
Layered security is a concept that's important for anyone who wants to create a strong, successful defense strategy to understand. This is a strategy that relies on the use of multiple lines of defense in an attempt to repel any potential attacks. For this reason, it's based on the principle that says "no single form of protection is enough to stop a determined cybercriminal. more
Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more
Stéphane Bruno writes: "In the first few hours that followed the earthquake, mobile service was completely disrupted. It was almost impossible to place a call, due to the combination of the damages on the cellular networks and the spike in phone calls. However, on some networks, SMS service was still available. People stuck under rubbles started texting to their friends and family (in Haiti and abroad) to tell them they were still alive and needed help. Those friends and family, not knowing what to do, started posting these SOS messages on their social networks, mainly on Facebook." more
According to various news outlets, Russia is reported to be planning a complete Internet shut down, as part of a test of its cyber-defenses. more
According to a recent Homeland Security News Wire article, nearly 8 million patient medical records were compromised over the course of the previous two years due to data security breaches. As more hospitals and patient care providers move to store patient data electronically -- primarily as a cost savings effort -- the risk and exposure of our private medical information increases while our individual control over this information diminishes. more
Most people - mistakenly - believe that they are perfectly safe behind a firewall, network address translation (NAT) device or proxy. The fact is quite the opposite: if you can get out of your network, someone else can get in. Attackers often seek to compromise the weakest link in a network and then use that access to attack the network from the inside, commonly known as a "pivot-and-attack." more
As with other meetings and conferences, the IGF-USA decided to move our annual event to a virtual format held on 22-23 July. We will discuss important matters of the Internet, using the Internet from our secure Internet access points. This format allows us to continue critical dialogue safe from viruses, murder hornets and whatever else is thrown at us this year. more
Microsoft is shipping a patch to eliminate SHA-1 hashes from its update process. There's nothing wrong with eliminating SHA-1 - but their reasoning may be very interesting. SHA-1 is a "cryptographic hash function". That is, it takes an input file of any size and outputs 20 bytes. An essential property of cryptographic hash functions is that in practice (though obviously not in theory), no two files should have the same hash value unless the files are identical. more
The abuse of well-known seal of approvals seems to be the latest ruse used by online fraudsters. Leveraging reputable names that existed long before anyone heard of the Internet is a blaring reminder that even trustworthy seals are not off limits to scammers. In fact, linking to reliable sources of reviews and certification is proving to be an essential part of any fraud strategy today. more
Ah, BYOD. How I love thee. BYOD, or "Bring Your Own Device", gives me choices. I can use a device at work I actually like and am most effective with. (How did I ever get by without my iPad?) But BYOD comes with challenges. Personal devices can be infected with malware. Once they're connected to an enterprise's network, they can be controlled by a bot master to hijack enterprise resources and wreak havoc as part of a botnet. more
A few weeks ago, on Oct. 1, 2016, Verisign successfully doubled the size of the cryptographic key that generates DNSSEC signatures for the internet's root zone. With this change, root zone DNS responses can be fully validated using 2048-bit RSA keys. This project involved work by numerous people within Verisign, as well as collaborations with ICANN, Internet Assigned Numbers Authority (IANA) and National Telecommunications and Information Administration (NTIA). more
The other day several of us were gathered in a conference room on the 17th floor of the LinkedIn building in San Francisco, looking out of the windows as we discussed some various technical matters. All around us, there were new buildings under construction, with that tall towering crane anchored to the building in several places. We wondered how that crane was built, and considered how precise the building process seemed to be to the complete mess building a network seems to be. more
A World-Renowned Source for Internet Developments. Serving Since 2002.