Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The Cyberspace Solarium Report released today is another, in an endless string of reports, that disgorge from Washington committees dealing with the eternal mantra of "defending American interests and values in cyberspace." The challenges (and many reports) here trace back 170 years when transnational telecommunication internets emerged. The dialogue and reports scaled in the 1920s with the emergence of radio internets and cyber threats, then again in the early 1980s... more
The Biden administration has issued a stark warning to the nation's governors about the increasing threat of cyberattacks on the United States' water and wastewater systems. more
U.S. intelligence officials are increasingly worried that hackers could wreak havoc on the financial system. Read the story here in National Journal. Not that we need it, but here's yet another reason to worry about havoc in financial markets: U.S. intelligence officials increasingly fear that computer hackers could wreck banks and large financial institutions, or send stock markets into one more panicked frenzy, by covertly manipulating data and spreading false information. more
The ICANN 56 meeting takes place in Helsinki, Finland, from June 27-30 and while it is a smaller "policy forum" style of meeting, there will still be some activities related to DNSSEC, DANE and DNS security in general. DNSSEC Workshop The DNSSEC Workshop will take place on the morning of Monday, 27 June 2016. All times are Eastern European Summer Time (EEST), which is UTC+3. more
In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte. more
In order to provide more security for the Domain Name System (DNS), a group of large domain-name registries and registrars has got together with IT security providers and government agencies to launch a new workgroup: the "Registry Internet Safety Group" (RISG). The announcement was made by the Public Internet Registry, which operates the .org domain, and its backend provider Afilias. more
This week, the RightsCon Silicon Valley 2016 conference is taking place in San Francisco. Since the use of encryption in general and the Apple/FBI case in particular are likely to be debated, I want to share a perspective on system security. My phone as a system The Apple/FBI case resolves around a phone. Think of your own phone now. When I look at my own phone I have rather sensitive information on it. more
Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." more
Ample evidence exists to underline that shortcomings in a third-parties cybersecurity posture can have an extremely negative effect on the security integrity of the businesses they connect or partner with. Consequently, there's been a continuous and frustrated desire for a couple of decades for some kind of independent verification or scorecard mechanism that can help primary organizations validate and quantify the overall security posture of the businesses they must electronically engage with. more
In a call for "fairness and justice" in cyberspace, China's top diplomat, Wang Yi, has encouraged emerging economies to collectively resist any attempts at dominance in science, technology, or the internet. more
Modern networks can be attacked in a variety of ways, meaning that companies need different types of protection. This article explains some of the risks involved, and provides some easy ways to deal with them. more
The 2010 Domain Pulse, hosted by SWITCH (the .CH registry) was held in the snowy Swiss city of Luzern. Domain Name Security (DNS) was of particular importance in this year's meeting with DNSSEC being implemented in the root zone in 2010 by ICANN, and by many registries in the next few years. ICANN plan to have all root servers signed with DNSSEC by mid-2010 Kim Davies, Manager, Root Zone Services at ICANN told the meeting, starting with the L root server, then A root server with the last being the J root server as all are gradually signed. more
A year ago, under the leadership of the Internet Corporation for Assigned Names and Numbers (ICANN), the internet naming community completed the first-ever rollover of the cryptographic key that plays a critical role in securing internet traffic worldwide. The ultimate success of that endeavor was due in large part to outreach efforts by ICANN and Verisign which, when coupled with the tireless efforts of the global internet measurement community, ensured that this significant event did not disrupt internet name resolution functions for billions of end users. more
Garth Bruen writes: A report in LegitScript takes a look at Russian rogue Internet pharmacy hacking US government website. "As rogue Internet pharmacy networks become more sophisticated, even US government websites are at risk. Today, we're taking a look at how a rogue Internet pharmacy linked to a criminal network operating out of Russia and Eastern Europe has hacked into a US government website. The Millennium Challenge Corporation, a US foreign aid agency, utilizes a ".gov" top-level domain, which is assigned to the control of the US government. Domain names ending in .gov are typically administered by the General Services Administration." more
What appears to be a leaked copy of the Burr-Feinstein on encryption back doors. Crypto issues aside -- I and my co-authors have written on those before -- this bill has many other disturbing features. (Note: I've heard a rumor that this is an old version. If so, I'll update this post as necessary when something is actually introduced.) One of the more amazing oddities is that the bill's definition of "communications" (page 6, line 10) includes "oral communication", as defined in 18 USC 2510. more
A World-Renowned Source for Internet Developments. Serving Since 2002.