Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth. more
Since last fall, several waves of distributed denial of service (DDoS) attacks have targeted major players in the U.S. banking industry. JPMorgan Chase, Wells Fargo and PNC were among the first to sustain intermittent damage. Eventually, the top 50 institutions found themselves in the crosshairs... In the months to come, security experts would praise the banks' collective response, from heightened DDoS protection to candid customer communications.. these larger institutions have learned some painful lessons that smaller firms might heed as they seek to minimize risks. more
The security vendor-phobe at the head of the conference bangs on the podium with his shoe declaring that "The greatest threat comes from within! (buy our product for your network's salvation)." Fear as a marketing strategy can never be underestimated. Particular when the fear is of the misunderstood. Media helps stoke the flames of fear-marketing with stories of fired or disgruntled IT staff who reportedly effectuate their revenge on former employers by bricking systems. more
Ahmed Mansoor is an internationally recognized human rights defender based in the Middle East and recipient of the Martin Ennals Award (sometimes referred to as a "Nobel Prize for human rights"), On August 10 and 11, 2016, Mansoor received an SMS text messages on his iPhone promising "new secrets" about detainees tortured if he clicked on an included link. Instead of clicking, Mansoor sent the messages to the Canadian Citizen Lab researchers. more
Kaspersky Lab Expert, Fabio Assolini, has provided detailed description of an attack which as been underway in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, affecting 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems. more
Microsoft today disclosed the detection of covert and targeted malicious activity aimed at critical infrastructure organizations in the United States. The attack is orchestrated by a state-sponsored group from China, known as Volt Typhoon, with the suspected objective of disrupting the communication infrastructure between the U.S. and Asia during potential future crises. more
In simple terms, Meltdown and Spectre are simple vulnerabilities to understand. Imagine a gang of thieves waiting for a stage coach carrying a month's worth of payroll. There are two roads the coach could take, and a fork, or a branch, where the driver decides which one to take. The driver could take either one. What is the solution? Station robbers along both sides of the branch, and wait to see which one the driver chooses. more
According to press reports, DHS is going to require federal computer contractors to scan for holes and start patching them within 72 hours. Is this feasible? It's certainly a useful goal. It's also extremely likely that it will take some important sites or applications off the air on occasion - patches are sometimes buggy (this is just the latest instance I've noticed), or they break a (typically non-guaranteeed or even accidental) feature that some critical software depends on. more
The first things that usually come to mind when talking about software development risks are bugs and security issues that have not been detected or those that have been discovered but left unaddressed. Some may also point out poor code quality reviews and the use of third-party components and dependencies laced with malicious code. more
It must be tricky to be an advocate of transparency when your job involves selling serious encryption tools to government departments, large and small companies, hospitals and people who are concerned about having their bank account details hijacked from a home PC. After all, the point about good encryption software and the systems that surround it is that they provide a way to keep your secrets secret, while open government and the effective regulation of financial services would seem to require the widest possible dissemination of all sorts of operational data... more
Yahoo today announced it has agreed to pay $50 million in damages and will offer two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the massive security breach. more
Just recently, Bluesky -- the decentralized social network running on an open protocol called AT Protocol -- announced that as a mechanism for supporting its business financially, it will directly sell domain names as handles for its users. The sales will be processed through an Internet Corporation for Assigned Names and Numbers (ICANN) accredited registrar, called Namecheap. Currently, the handles on social media platforms are internal handles and not independent domain names. more
Would you like to understand the major highlights of the 96th meeting of the Internet Engineering Task Force (IETF) last month in Berlin? What were some of the main topics and accomplishments? How many people were there? What else went on? If so, you can watch a short video interview I did below with IETF Chair Jari Arkko. more
Soon it'll be time again for some of us to pack our bags and head for the ICANN64 meeting in Kobe, Japan. Even if you plan to stay at home, it still will be helpful to understand the national and global context in which the meeting is taking place. One way to do that is by looking at Japan's Prime Minister's Shinzo Abe recent Keynote Speech at the World Economic Forum Annual Meeting, (Jan 23rd, 2019) entitled: "Toward a New Era of "Hope-Driven Economy" more
In an article on CSO.com.au a report from Sophos Australia is reported on. The anti-virus software company had bought 50 usb drives for analyses at a public transport auction of devices left on the Sydney trains. When they wrote that 66% was infected with malware, I presumed that they were left behind consciously, but were they? more
A World-Renowned Source for Internet Developments. Serving Since 2002.