Cybersecurity

UK Announces Additional £1.9 Billion in Cyber Security Funding

Chancellor George Osborne announces government plan to almost double its investment in cyber security initiatives over the next five years, spending an additional £1.9 billion. more

Hackers Earned Over $100K in 20 Days Through Hack the Air Force 2.0

HackerOne has announced the results of the second Hack the Air Force bug bounty challenge which invited trusted hackers from all over the world to participate in its second bug bounty challenge in less than a year. more

Afilias and Neustar to Collaborate With ISC on DNS Security Initiative

Internet Systems Consortium (ISC) has announced that it is working with Afilias and Neustar, Inc. in the effort to support ISC's DNSSEC Look-aside Validation (DLV) registry by providing secondary DNS service for the DLV zone. DLV is a mechanism that provides many of the benefits of DNSSEC (short for DNS Security Extensions), enabling domain holders to secure their domain information today in advance of broader DNSSEC deployment and adoption. "Adding Afilias and Neustar as secondary DNS providers for the DLV zone demonstrates our collective understanding that DLV is a vitally important production service bigger than any single provider in the same way that there are 13 root server operators, not just one." more

MAAWG Overview of DNS Security - Port 53 Protection

J.D. Falk writes: Last week, MAAWG quietly published a new document titled "Overview of DNS Security - Port 53 Protection." [PDF] The paper discusses cache poisoning and other attacks on the local DNS, including likely effects of such a compromise and what access providers may be able to do to prevent it. more

APWG Releases 2008 First Quarter Phishing Activity Trends Report

The Anti-Phishing Working Group (APWG) has released its 2008 first quarter Phishing Activity Trends Report revealing that the Crimeware-Spreading URLs rose rapidly doubling previous high. More specifically, the report say that numbers of crimeware-spreading URLs infecting PCs with password-stealing code rose 93 percent in Q1, 2008 to 6,500 sites, nearly double the previous high of November, 2007 -- and an increase of 337 percent from the number detected end of Q1, 2007. On the positive side, the number of phishing reports and new phishing websites decreased at the end of Q1 2008 period. more

Women in Security Organize New Conference in Reaction to RSA’s Lack of Female Speaker Inclusion

RSA, one of the largest cybersecurity conferences, has been criticized for booking only one female keynote speaker this year who is Monica Lewinsky. more

Millennials an Untapped Resource for Cybersecurity Skills but They Lack Awareness, Study Finds

A study was recently conducted by Enterprise Strategy Group (ESG) to find out where the potential answers to the cybersecurity skills shortage amongst technology-savvy millennials and post-millennials in the US. more

Preparing DNSSEC for the Post-Quantum Era

To prepare DNS security for a post-quantum future, Verisign and partners are testing new cryptographic strategies that balance security, performance, and feasibility, especially through the novel Merkle Tree Ladder mode for managing large signatures. more

Google Limits Some Employees’ Access to the Internet

Google has launched a pilot program to bolster its cybersecurity defenses by limiting internet access for some employees. Initially, Google selected 2,500 participants, but after receiving feedback, it modified the program to allow employees to opt out and invite volunteers to join. more

Ukraine Conflict Transformed the Cyber Threat Landscape, Says Google

According to a recent analysis, the cyber threat landscape has changed dramatically one year since the Russian invasion of Ukraine. Google TAG, Mandiant, and Trust & Safety have released a report titled, Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape, based on analysis from Google’s Threat Analysis Group (TAG), Mandiant, and Google Trust & Safety. more

China, Russia Posing More Aligned Cyberattack Threats to the US, Says Chief of National Intelligence

Dan Coats, Director of US National Intelligence warns China and Russia are increasingly using cyber operations to steal information, influence citizens and to disrupt critical infrastructure. more

‘Not the Best Time’ for Proposed Russia-U.S. Cyber Unit, Says NSA Chief

NSA chief, Mike Rogers during the annual Aspen Security Forum on Saturday, shunned the proposed Russia-U.S. cyber unit, stating "I would argue now is probably not the best time to be doing this." more

IT Security Guide: “Financial Impact of Cyber Risk” Released by ANSI and ISA

The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) released today a new action guide to assist business executives in the analysis, management and transfer of financial risk related to a cyber attack. In 2004, the Congressional Research Service estimated the annual economic impact of cyber attacks on businesses -- which can come from internal networks, the Internet or other private or public systems -- to be more than $226 billion. In 2008, U.S. Department of Homeland Security Secretary Michael Chertoff named cyber risks one of the nation's top four priority security issues. more

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

At a speech during the Security and Defense Agenda meeting on 30 January Vice-President of the European Commission, Neelie Kroes, showed how the Commission envisions public-private cooperation on cyber security. more

Trump to Sign Cybersecurity Executive Order on Tuesday

President Donald Trump expected to sign an executive order on cyber security on Tuesday. more