Cybersecurity |
Sponsored by |
|
Unless you have a team employing the latest proactive threat-hunting techniques, the stealthy Advanced Persistent Threat (APT) hiding in your network can pass by completely unnoticed. There are as many definitions of APT as experts writing about the topic, so let's boil it down to the simple essentials: APTs are usually implanted and maintained by a team of malicious actors with the intention of living long term in your network while extracting valuable private information. more
This blog post and the associated report aim to provide an overview of DNS Abuse 1related issues the Governmental Advisory Committee (GAC), part of the ICANN multi-stakeholder model, has identified. We also summarize the relevant community activity taking place to address these areas of interest and highlight remaining gaps. From 2016 to June 2023, the GAC referenced four primary categories of activity related to DNS Abuse. more
Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more
"Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state," reports Dan Goodin in Ars Technica. more
At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more
The emergence of ChatGPT, a powerful AI language model developed by OpenAI, has revolutionized the way developers approach coding tasks. With its ability to generate code snippets and even entire software programs, ChatGPT offers convenience and time-saving potential. more
Over the last ten years, Andrew Odlyzko has been writing about a pricing algorithm that would assure reasonable service levels at reasonable prices. If you're going to F2C, you might want to read that brief article or this slightly more complex one to learn (or refresh your sense of) PMP -- Paris Metro Pricing models to deal with network congestion. You'll also get a sense of why throwing bandwidth at the network will not be sufficient. Here's a great article from 1995... more
Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more
Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. more
Domain names give your intellectual property visibility, as well as provide function for your company's infrastructure. Vital domain names are simply too important to be left exposed. To protect them, you can add extra layers of security to your digital brand with easy, secure, server-level protection in addition to multi-level locks that combat domain name system (DNS) hijacking and protect against unauthorized changes and deletions to your critical domain names. more
Cyber espionage group targets South American and Southeast Asian governments using custom Felismus malware. more
The web performance and security company, Cloudflare has shared one of the methods it uses to ensure randomness when generating encryption keys. more
U.S. Internal Revenue Service Commissioner (IRS) testified before the Senate Finance Committee stating the agency has discovered fraudsters could use someone's personal data to fill out a financial aid application, and the "Data Retrieval Tool" would populate the application with tax information. more
The Japanese Defense Ministry is creating a computer virus capable of tracking, identifying and disabling sources of cyberattacks, according to reports. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment. "The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus." more
Majority of U.S. Federal agencies using .gov domains have not signed their DNS with DNSSEC (Domain Name Security Extensions) despite a December 2009 Federal deadline for adoption, according to the latest report by IID (Internet Identity). IID analyzed the DNS of more than 2,900 .gov domains and has released the results in its "Q3 State of DNS Report". more
A World-Renowned Source for Internet Developments. Serving Since 2002.