Cybersecurity |
Sponsored by |
|
Apple's Wordwide Developers Conference may have just ended, but already, the conference release of Mac's OS X 10.6 — a beta build previewed for developers — has been leaked onto torrent sites. It borders on irony: for years, Mac lovers have touted the superior security of the Mac operating system over Windows, but earlier this year, it was torrent sites — the very sites where OS X 10.6 is now being freely copied — that caused more than 25,000 Mac users to fall victim to the iServices Trojan. Some Macs never learn. more
U.S. National Security Agency Director, Army Gen. Paul M. Nakasone, has announced the formation of the AI Security Center, a new entity designed to oversee the development and integration of artificial intelligence within the nation's security systems. more
With traditional cyber strategies failing businesses and governments daily, and the rise of a new breed of destruction-motivated Poli-Cyber terrorism threatening "Survivability", what are top decision makers to do next? There is a global paradigm change in the cyber and non-cyber threat landscape, and to address it the industry has to offer innovative solutions. more
Each SANSFIRE, the Handlers who can make it to DC get together for a panel discussion on the state of information security. Besides discussion of the hot DNS issue, between most of us there is a large consensus into some of the biggest problems that we face. Two come to mind, the fact that "users will click anything" and that "anti-virus is no longer sufficient". These are actually both related in my mind... more
Many organizations are struggling to overcome key conceptual differences between today's AI-powered threat detection systems and legacy signature detection systems. A key friction area -- in perception and delivery capability -- lies with the inertia of Indicator of Compromise (IoC) sharing; something that is increasingly incompatible with the machine learning approaches incorporated into the new breed of advanced detection products. more
While the March report from ICANN's Domain Abuse Activity Reporting system show a general reduction in second-level gTLD domain names identified as being used in phishing, malware distribution, and botnet command and control, it has been widely reported that criminals are taking advantage of the global COVID-19 pandemic by launching malicious online campaigns. There have also been numerous reports of spikes in the use of COVID-19-related domain names for DNS Abuse. more
Michela Menting, Research Director at ABI Research sharing a cybersecurity perspective amidst Brexit aftermath: "It is likely that the UK will continue in a similar direction as the rest of the EU with regards to cybersecurity and cybercrime. However, there may be a dampening impact on the country with regards to the skills pool." more
The United States and India signed a Memorandum of Understanding (MOU) today to promote closer cooperation and the timely exchange of information between the organizations of their respective governments responsible for cybersecurity, according to U.S. Department of Homeland Security. "The MOU was signed in New Delhi by Jane Holl Lute, Deputy Secretary for the U.S. Department of Homeland Security (DHS) and R. Chandrashekhar, Secretary, India Department of Information Technology." more
During a conference, "Internet of Things," in France, the U.S. Department of Commerce made the announcement that it will hold a public consultation on the different proposals to cryptographically sign the DNS root zone file, and determine who will hold the root zone trust anchor for global DNSSEC implementation, says Milton Mueller on the Internet Governance Forum blog. The blog, titled "Commerce Department asks the world to comment on its plans to retain control of the root," continues... more
An Internet Bill of Rights may or may not be a good idea. The point here is that, besides highly commendable topics such as net neutrality and privacy, some of them seem to mandate cybersecurity. Approved in Brazil last May, the Marco Civil includes the principle of preservation of stability, security and functionality of the network, via technical measures consistent with international standards. more
Straightforward out-of-court domain name proceeding can provide efficient relief against fraudulent websites and email. Google has seen a steep rise amid the Coronavirus pandemic in new websites set up to engage in phishing (i.e. fraudulent attempts to obtain sensitive information such as usernames, passwords and financial details). Companies in all industries - not just the financial sector - are at risk from this nefarious practice. But one relatively simple out-of-court proceeding may provide relief. more
The 24th DNS-OARC meeting was held last week in Buenos Aires -- a two-day DNS workshop with amazingly good, consistent content. The programme committee are to be congratulated on maintaining a high quality of presentations. Here are my picks of the workshop. They fall into three groups, covering themes I found interesting... These presentations related to the ongoing problem of DNS as a source of reflection attacks, or a victim of attempted DDoS... more
Think your organization is exempt from in-house network abuse? Think again. A CFCA Global Fraud Survey of communication service providers found that dealer fraud was one of the top five methods of fraud, costing $US 3.35 billion annually. In this scenario, customer service representatives (CSRs) or administrators with access to account information may upgrade friends or family to a premium service package or even provide free access to services. more
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more
In a developing cybersecurity concern, IT experts and researchers warn of potential misuse of Google's new .zip and .mov top-level domains (TLDs), which they argue could be exploited for phishing attacks and malware distribution. more
A World-Renowned Source for Internet Developments. Serving Since 2002.