Cybersecurity

ICANN Appoints IID’s Rod Rasmussen to Its Security and Stability Advisory Committee

ICANN has appointed IID President and CTO Rod Rasmussen to its Security and Stability Advisory Committee (SSAC). An area that Rasmussen's work and recent SSAC reports have both covered in-depth is domain name hijacking. Recent hijackings against UFC.com and Coach.com, and similar past attacks against CheckFree, Comcast and Twitter have heightened awareness about the security dangers with the Internet's infrastructure. more

Neustar Announces Intention to Separate Into Two Independent and Publicly Traded Companies

This move will allow the company to separate its call routing services for telecom carriers from its marketing and security related services. Additionally the company has indicated that the latter unit, that is marketing, security, and data services, will be rebranded. more

The Borg in Us All: Is Resistance Futile?

One of the main roles played by science fiction is to portray fundamental issues and questions that face humanity long before they actually become relevant to our daily lives. We cannot always be sure of where our reality ends, and fiction begins. Star Trek storylines including Borgs are a good example. In the storyline, Borgs are part organic, part artificial and created eons ago, yet they seem to presage the challenges in our contemporary personal reality and challenges in the Internet's cyberspace. more

U.S. Senators Introduce SEC Cybersecurity Disclosure Legislation

U.S. Senators Jack Reed (D-RI) and Susan Collins (R-ME) have introduced the bipartisan Cybersecurity Disclosure Act of 2015 on Thursday, a bill that seeks to encourage the disclosure of cybersecurity expertise, or lack thereof, on corporate boards at publicly traded companies. more

Trust, but Verify

We are at an inflection point in our lifetimes. The Internet is broken, seriously broken... Almost all of the systems currently in use on the Internet are based on implicit trust. This has to change. The problem is that these systems are so embedded in our everyday lives that it would be, sort of like, changing gravity, very difficult. more

Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code

The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. more

Former New York City Mayor Rudy Guliani Appointed to “Chair” Cyber Task Force

Transition spokesman Sean Spicer told reporters today that former New York City Mayo, Rudy Giuliani will "chair" the cyber task force that Trump announced last Friday. The task force is given three months from Trump's inauguration to deliver a cybersecurity plan. more

ICANN Website Breached, Passwords Obtained by an Unauthorized Person

Usernames/email addresses and encrypted passwords for profile accounts created on the ICANN.org public website have been obtained by an unauthorized person, the Internet Corporation for Assigned Names and Numbers announced Wednesday night. more

Experts Urge Support for Security Researchers, Call a Stop to Intimidation Efforts

Over fifty experts and expert advocates have released an open letter in support of security research and against efforts to chill or intimidate security researchers. more

The Rise of ChatGPT and Its Impact on Cybersecurity

The emergence of ChatGPT, a powerful AI language model developed by OpenAI, has revolutionized the way developers approach coding tasks. With its ability to generate code snippets and even entire software programs, ChatGPT offers convenience and time-saving potential. more

Testing, Testing, Testing for a More Secure (Internet) World

Reading up on COVID-19 and Zoom/Boris Johnson outcry yesterday, an analogy struck me between the two: the lack of testing. In both cases, to truly know how safe and secure we are, testing needs to be stepped up considerably. This post focuses on cybersecurity. Over the past days and weeks, more and more organisations have switched to digital products and services to sustain working from home, to keep productivity up and to be connected. more

Has Your ISP Been Hacked? (Growing Concern Over AI-Driven Hacking)

As if we didn't have a long enough list of problems to worry about, Lumen researchers at its Black Lotus Labs recently released a blog that said that it knows of three U.S. ISPs and one in India was hacked this summer. Lumen said the hackers took advantage of flaws in software provided by Versa Networks being used to manage wide-area networks. more

Identify DDoS Attacks with External Performance Monitoring (Part 2 of 3)

In Part One of this series, we examined internal server, network and infrastructure monitoring applications. Now let's take a look at another way to capture DDoS information: external performance monitoring... Unlike network/infrastructure tools - which are usually installed inside a customer's network - external performance monitoring solutions are typically provided by a third party and leverage monitoring locations from around the world. more

US New Cybersecurity Strategy Includes Military Option

Defense Systems reports: "The U.S. government's sweeping new cybersecurity strategy announced May 16 states that the country will respond to a major cyberattack using any or all of the means at its disposal, reports the Associated Press. Although military response to a cyberattack is one of the options listed in the International Strategy for Cyberspace, it will be considered only as a last resort, officials said." more

Department of Homeland Security Issues More Warnings on Security Vulnerabilities in Medical Devices

The U.S. Department of Homeland Security has issued a warning about cybersecurity vulnerabilities in medical devices which have come after independent researchers, or the companies themselves, reporting the problems. more