Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
It is just another phishing case. Why should I care? I happened to receive my own copy of the phishing email message. Most Internet users will just smile bitterly before deleting it. I checked it to see why it had gone through the spam filters. It had no URL in the text but a reply-to address. So it needed a valid domain name, and had one: postfinances.com. PostFinance (without trailing "s") is the payment system of the Swiss Post. It has millions of users. more
Hackers are using company domain names for malicious attacks more than ever before. Established research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered, confusingly similar domain name, or via email header spoofing. Domain security intelligence is the first line of defense in preventing domain cyberattacks. more
It's been nearly two months since the high profile BGP hijack attack against MyEtherwallet, where crypto thieves used BGP leaks to hijack MEW's name servers, which were on Amazon's Route53, and inserted their own fake name servers which directed victims to their own fake wallet site, thereby draining some people's wallets. It generated a lot of discussion at the time... What isn't fully appreciated is that attack has, in fact, changed the game somewhat... more
As 2019 wrapped up, we took some time to reflect on some of the most impactful digital developments of the past decade and how they helped change our digital lives, including: the rise of mobile and tablet usage; the importance of mobile apps; the explosion of social media and online gaming; cloud computing; domain names, brand protection and the impact of GDP. Now that we've passed the New Year, it's time to look forward. more
Today's ever-evolving, digital world has fundamentally changed, enhanced and challenged the way in which businesses all over the world must operate. For organizations and professions that have existed for centuries, this has created the opportunity and the test of adapting to change to remain successful and relevant. The National Association of Boards of Pharmacy (NABP) was founded in 1904, at a time when there was little uniformity in the practice of, or standards for pharmacy. more
Interesting things happening in China. An article in the English edition of the People's Daily on line is headlined, Decimal network security address begins operation: "China's decimal network security address was officially launched. China has made a fundamental breakthrough in its Internet development; and actual use has been successful. The birth of decimal network technology makes China the only country able to unify domain names, IP addresses and MAC addresses into the text of a metric system..." Someone asked whether this was a rumored IPv9? It appears IPv9 is a project name, not a new protocol. It lumps together several activities, including at least... more
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more
As a strong proponent of the private right of action for all Internet endpoints and users, I've long been aware of the costs in complexity and chaos of any kind of "blocking" that deliberately keeps something from working. I saw this as a founder at MAPS back in 1997 or so when we created the first RBL to put some distributed controls in place to prevent the transmission of unwanted e-mail from low reputation Internet addresses. What we saw was that in addition to the expected costs (to spammers) and benefits (to victims) of this new technology there were unintended costs to system and network operators whose diagnostic and repair work for problems related to e-mail delivery was made more complex because of the new consideration for every trouble ticket: "was this e-mail message blocked or on purpose?" more
At the beginning of last year, MarkMonitor participated in VeriSign's beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering. However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures. more
Harvard Business Review just ran an interesting article on the information security aspects of Internet of Things (IoT). Based on the storyline, the smart city initiatives are doomed to fail unless the security of the IoT devices and the systems will be improved. While security of the digital society is obviously a key concern, I am not entirely convinced that relying on the security of individual devices and systems is the best course of action. more
During the past few years, the International Telecommunication Union (ITU) has been a battleground where governments promote rival visions of how the Internet should be governed. Although there has been a recent cease-fire as Internet governance debates have focused more on the role of ICANN, those skirmishes may soon restart at the ITU... Co-authored by Ambassador Gross (chair of Wiley Rein's International & Internet Practice), Carl R. Frank, Umair Javed, and Sara M. Baxenberg (members of Wiley Rein's Telecom, Media & Technology Practice). more
In October of 2016 the Mirai botnet came thundering onto the internet landscape. A digital Godzilla, a DDoS King Kong, this Internet of Things-powered behemoth began smashing DDoS attack records, online powerhouses like Reddit, Etsy, Spotify, CNN and the New York Times crumbling under its fists. When the dust had settled, and services had been restored, one thing seemed certain: a new era of DDoS attacks was upon us. Mirai was terrifying as a botnet but even worse as a harbinger. more
ENUM (E.164 NUmber Mapping) is a technology that has been around for a little while that has promised much and, so far, delivered little to the average user. As Nominet has recently been awarded the contract to administer the UK 4.4.e164.arpa delegation, I thought it was time that I put my thoughts on this subject down in writing. I'm going to cover the potential of ENUM in the telecoms industry and what it could mean to you, along with how it is currently being used and what potential security issues surround ENUM. more
From 5 April to 14 May 2004 trade mark owners can apply in the .pro domain for defensive registrations corresponding to their marks. The .pro domain is only available to doctors, lawyers and CPAs during this period, known as a "sunrise period". ...During the period when the creation of ten new generic domains is being discussed, it seems timely to wonder whether the multiplicity of generic extensions is not killing the specificity inherent of each of them. In addition, having a "sunrise period" for this new domain might be perceived by trade mark owners as an invitation to spend money rather than as a measure aimed at protecting their intellectual property rights. more
Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. ...However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. more
A World-Renowned Source for Internet Developments. Serving Since 2002.