Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
If it's not an era of intense faith in the multilateral system, somewhere among the Trump Administration's anonymous adults in the room there is a believer, and the Internet might be the better for it. Evidence for the existence of this fifth columnist lies in the US National Cyber Strategy, launched last month under the commander-in-chief's unprepossessing signature, which looks to provide security for America's connected economy. more
An Internet Bill of Rights may or may not be a good idea. The point here is that, besides highly commendable topics such as net neutrality and privacy, some of them seem to mandate cybersecurity. Approved in Brazil last May, the Marco Civil includes the principle of preservation of stability, security and functionality of the network, via technical measures consistent with international standards. more
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more
During a conference, "Internet of Things," in France, the U.S. Department of Commerce made the announcement that it will hold a public consultation on the different proposals to cryptographically sign the DNS root zone file, and determine who will hold the root zone trust anchor for global DNSSEC implementation, says Milton Mueller on the Internet Governance Forum blog. The blog, titled "Commerce Department asks the world to comment on its plans to retain control of the root," continues... more
As one of the earliest protocols in the internet, the DNS emerged in an era in which today's global network was still an experiment. Security was not a primary consideration then, and the design of the DNS, like other parts of the internet of the day, did not have cryptography built in. Today, cryptography is part of almost every protocol, including the DNS. And from a cryptographer's perspective, as I described in my talk at last year's International Cryptographic Module Conference (ICMC20), there's so much more to the story than just encryption. more
Sophie Curtis of eWeek reports: "Researchers have discovered a hole in the secure sockets layer (SSL) protocol, enabling man-in-the-middle attackers to hack into secure applications despite traffic encryption. According to security researcher Chris Paget, hackers can exploit this flaw by breaking into shared hosting environments, mail servers and databases, and inserting text into encrypted traffic as it passes between two end users. This could lead to fragmentation of SSL transactions, giving hackers the opportunity to inject false commands such as password resets into communications which are otherwise encrypted." more
Neil Schwartzman writes: Steven R. Chabinsky, Deputy Assistant Director, Cyber Division of the Federal Bureau of Investigation gave a keynote at the GovSec/FOSE Conference in Washington, D.C., March 23, 2010. Full text of the speech here. more
Ryan Naraine reporting at Threatpost: "Head of Google's anti-malvertising team Eric Davis wants Internet Service Providers (ISPs) to look beyond profits and take a more proactive approach to dealing with malware-infested computers on their networks. During a keynote presentation at the Virus Bulletin conference here, Davis said competitors in the ISP space must look beyond profits and partner on new initiatives to deal with the "parasites" that have taken control of the Internet landscape." more
Experts, companies and civil society groups around the world ask governments to support strong encryption -- and reject proposals that would undermine the digital security it provides. more
Michela Menting, Research Director at ABI Research sharing a cybersecurity perspective amidst Brexit aftermath: "It is likely that the UK will continue in a similar direction as the rest of the EU with regards to cybersecurity and cybercrime. However, there may be a dampening impact on the country with regards to the skills pool." more
American officials have revealed an ongoing struggle to expel Chinese hackers from telecommunications networks, months after the espionage was first discovered. The campaign, attributed to a group called "Salt Typhoon," has infiltrated major telecom carriers, particularly in the Washington region. more
Russian government hackers are reported to be behind latest cyber-intrusions into the business systems of U.S. nuclear power and other energy companies with efforts to assess networks. more
Security expert and malware analyst, Lenny Zeltser has examined a creative malware distribution method in the real world where fliers placed on windshield of cars scare drivers into visiting a malicious website. Zeltser writes: "Several days ago, yellow fliers were placed on the cards in Grand Forks, ND. They stated: 'PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to website-redacted' ... If you went to the website, you'd see several photos of cars on parking lots in that specific town..." more
The headlines out of ICANN's meeting in Beijing may be all about new domains, but it is the quiet, systemic evolution of ICANN itself that holds the greatest promise for Internet users globally. ICANN President Fadi Chehadé opened the meeting by announcing that it was ICANN's "season to evolve," and setting forth a series of programs, restructuring efforts and policy initiatives intended to make ICANN more responsive to the needs of its stakeholders, and by extension, to the needs of all Internet users, everywhere in the world. more
At regular intervals, I have discussed the cybersecurity situation in Australia. In those assessments, I wrote about my frustration that the previous government policies more or less resembled a fire brigade approach. Trying to address individual incidents with regulations and legislation rather than coming up with a holistic strategy. more
A World-Renowned Source for Internet Developments. Serving Since 2002.