Cybersecurity |
Sponsored by |
|
Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..." more
The project to sign the DNS root zone with DNSSEC took an additional step toward completion yesterday with the last of the "root server" hosts switching to serving signed DNSSEC data. Now every DNS query to a root server can return DNSSEC-signed data, albeit the "deliberately unvalidatable" data prior to the final launch. Another key piece for a working signed root is the acceptance of trust anchors in the form of DS records from top-level domain operators. These trust anchors are used to form the chain of trust from the root zone to the TLD. more
Domain tasting is a long-established practice involving the short-lived existence of a domain, which is allowed to lapse a few days after its initial registration. The practice arose in response to an Internet Corporation for Assigned Names and Numbers (ICANN) policy allowing a domain to be cancelled -- with all fees refunded -- within a five-day grace period, intended to address the issue of accidental registrations1. However, the practice is open to abuse by infringers. more
Modern Internet Standards provide for more reliability and further growth of the Internet. But are you using them? You can test this on the Dutch website www.internet.nl (also available in English and Polish). Recently the website was renewed. Not only the style has been adapted, but also the way the tests are performed and the test results are shown. A lot of additional information has been added, so that even the tech savvy internet users can find an explanation underpinning the test results. more
It is rather amazing to follow the reporting on the FBI vs Apple case in relation to the FBI's order to Apple to provide them with software that would allow them to crack the security code on all Apple phones. In some of those reports spin doctoring from the FBI -- especially through the public media -- led you to believe that Apple is not willing to assist the FBI in the San Bernardino murder case. This is, however, blatantly false. more
The public cloud services market in the mature Asia/Pacific (AP) region is on pace to grow 8.7 percent in 2015 to total $7.3 billion, up from $6.7 billion in 2014, according to new research from Gartner. more
The Subcommittee on Communications and Technology has scheduled a hearing for Wednesday, April 2, 2014 on "Ensuring the Security, Stability, Resilience, and Freedom of the Global Internet." more
Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more
EFF, Mozilla, Cisco, Akamai, Identrust, and researchers at the University of Michigan today announced a new certificate authority (CA) initiative called "Let's Encrypt". more
A paper released today by ICANN provides a chronology of events related to the containment of the Conficker worm. The report, "Conficker Summary and Review," is authored by ICANN's Dave Piscitello, Senior Security Technologist on behalf of the organization's security team. more
Over the past several years, domain name queries - a critical element of internet communication - have quietly become more secure, thanks, in large part, to a little-known set of technologies that are having a global impact. Verisign CTO Dr. Burt Kaliski covered these in a recent Internet Protocol Journal article, and I'm excited to share more about the role Verisign has performed in advancing this work and making one particular technology freely available worldwide. more
Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more
U.S. Subcommittee on Communications & Technology and the Subcommittee on Commerce, Manufacturing, and Trade have announced a joint hearing to examine recent cyberattacks. more
SANS has announced NetWars CyberCity, a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. NetWars CyberCity was developed to teach cyber warriors from the U.S. Military how online actions can have kinetic effects. more
The European Commission has launched a new public-private partnership on cybersecurity expected to trigger €1.8 billion ($2B) of investment by 2020. more
A World-Renowned Source for Internet Developments. Serving Since 2002.