Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Having researched and written about the 100 year history of U.S. State Department's institutional machinations in the telecom/cyber sector, taught law school graduate courses, and worked with its bureaus and staff over the past 45 years, the latest twists and turns seem to repeat past mistakes. The fundamental problem is that the U.S. is the only country whose Foreign Ministry is given a significant role and engaged in telecom and cyber matters in global venues. more
Unless you have a team employing the latest proactive threat-hunting techniques, the stealthy Advanced Persistent Threat (APT) hiding in your network can pass by completely unnoticed. There are as many definitions of APT as experts writing about the topic, so let's boil it down to the simple essentials: APTs are usually implanted and maintained by a team of malicious actors with the intention of living long term in your network while extracting valuable private information. more
Today, the Biden Administration released the National Cybersecurity Strategy, which outlines the use of all available resources to protect the United States' security, safety, and economic prosperity. more
It is certainly true that DDoS and hacking are on the rise; there have been a number of critical hacks in the last few years, including apparent attempts to alter the outcome of elections. The reaction has been a rising tide of fear, and an ever increasing desire to "do something." The something that seems to be emerging is, however, not necessarily the best possible "something." Specifically, governments are now talking about attempting to "wipe out" the equipment used in attacks. more
The U.S. government has declared criminal charges, economic sanctions, and a $10 million reward for information leading to the arrest of a Russian citizen, Mikhail Matveev. Accused of a series of ransomware attacks, Matveev's alleged operations, known as Babuk, have targeted entities such as the D.C. police, an airline, and other American industries. more
A team of developers including .SE (The Internet Infrastructure Foundation), LNetLabs, Nominet, Kirei, SURFnet, SIDN and John Dickinson have come together to create open source software, called OpenDNSSEC, to make it easier to deploy DNSSEC. Patrik Wallström, responsible for DNSSEC at .SE comments: "In order to spread the use of DNSSEC to an increased number of domain names, the management surrounding this technology must be simplified. Together with a number of collaborators, we're developing OpenDNSSEC. Leveraging our deployment experience, we will produce a well-packaged, easy-to-use and flexible DNSSEC tool that eliminates all manual procedures. Those in charge of name servers no longer need detailed knowledge about the protocol in order to use it." more
Usernames/email addresses and encrypted passwords for profile accounts created on the ICANN.org public website have been obtained by an unauthorized person, the Internet Corporation for Assigned Names and Numbers announced Wednesday night. more
The U.S. Department of Homeland Security has issued a warning about cybersecurity vulnerabilities in medical devices which have come after independent researchers, or the companies themselves, reporting the problems. more
Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more
Ubiquiti Networks Inc., a San Jose based maker of networking technology, has disclosed that cyber criminals stole $46.7 million via a "business email compromise fraud involving employee impersonation." more
In August of last year I wrote in a blog about the importance of cryptech to wide-scale trust in the Internet. For those who don't know about it, http://cryptech.is is a project aiming to design and deploy an openly developed, trustable Hardware Security Module (HSM) which can act both as a keystore (holding your secrets and keeping them private) and as a signing engine. more
In a joint announcement today, Dutch research institute CWI and Google revealed that they have broken the SHA-1 internet security standard "in practice". more
The conventional wisdom in the world of legacy standards-making is that monolithic standards produce, if not accelerate, better products and services. Conformance, certification, and associated labelling schemes to implement those standards were believed essential to trust. Although competition law seems now evolving in the other direction, regulatory standards-making bodies themselves have been accorded considerable anticompetitive cartel liability protection. more
Network security experts from across the U.S. government told a U.S. Senate Armed Services Subcommittee on Tuesday that federal networks have been thoroughly penetrated by foreign spies, and that current perimeter-based defenses that attempt to curb intrusions are outdated and futile. more
Georgia Tech Information Security Center (GSTISC) today held its annual Security Summit on Emerging Cyber Security Threats and released the GTISC Emerging Cyber Threats Report for 2009, outlining the top five areas of security concern and risk for consumer and enterprise Internet users for the coming year... According to the report, data will continue to be the primary motive behind future cyber crime-whether targeting traditional fixed computing or mobile applications. "It's all about the data," says security expert George Heron -- whether botnets, malware, blended threats, mobile threats or cyber warfare attacks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.