Cybersecurity

Is Zoom’s Server Security Just as Vulnerable as the Client Side?

Zoom programmers made elementary security errors when coding, and did not use protective measures that compiler toolchains make available. It's not a great stretch to assume that similar flaws afflict their server implementations. While Mudge noted that Zoom's Windows and Mac clients are (possibly accidentally) somewhat safer than the Linux client, I suspect that their servers run on Linux.Were they written with similar lack of attention to security? more

Kadnap Malware Infects 14,000 Routers Worldwide, Designed to Resist Takedowns Experts Warn

Security researchers have uncovered Kadnap malware infecting more than 14,000 routers worldwide, forming a resilient peer-to-peer botnet that exploits outdated edge devices and could enable covert communications, proxy traffic, and future cyber attacks. more

Moving Beyond Associated Domain Checks: The Urgent Need to Ban Short-Term Domain Leasing

ICANN's new DNS abuse rules mark progress, yet short-term domain leasing enables fleeting, hard-to-detect attacks. A proposed 30-day minimum lease could curb cybercrime by undermining the economics of weaponised parked domains. more

British Banks Not Fully Reporting Cyber Attacks, Fear Punishment, Bad Publicity

"Britain's banks are not reporting the full extent of cyber attacks to regulators for fear of punishment or bad publicity, bank executives and providers of security systems say," reports Lawrence White in Reuters today. more

The Kinetic Frontier: Lessons From Geopolitical Violence and the Bunkerization of AI Infrastructure

Kinetic attacks on Gulf data centres expose the cloud's physical fragility, recasting AI infrastructure as strategic targets and accelerating bunkerisation, while outdated data laws leave firms choosing between legal compliance and digital survival. more

US Senators in Letter to Yahoo Say Late Hack Disclosure “Unacceptable”

"A group of Democratic U.S. senators on Tuesday demanded Yahoo Inc (YHOO.O) to explain why hackers' theft of user information for half a billion accounts two years ago only came to light last week and lambasted its handling of the breach as "unacceptable," reports Dustin Volz from Washington in Reuters. more

How Bad Actors Are Leveraging DNS: Looking at the Latest Trends

Bad actors are exploiting DNS with growing sophistication. New domains dominate threat infrastructure, daily user exposures are rising, and AI is accelerating attack creation, making DNS intelligence an increasingly critical early-warning system for modern cyber defence. more

Five Things the UN Permanent Mechanism on Cybersecurity Must Actually Deliver

The UN's new permanent cybersecurity mechanism promises continuity after decades of fleeting forums, yet risks irrelevance unless states enforce existing law, bridge cybercrime divides, address AI threats, build practical capacity, and include non-state expertise meaningfully. more

Iran-Linked Cyberattacks Expose Fragility of America’s Industrial Nerve System

Iran-linked hackers infiltrated US industrial control systems, disrupting energy and water infrastructure. The attacks highlight systemic vulnerabilities in internet-connected devices and signal an enduring cyber threat despite easing geopolitical tensions. more

Africa’s AI Governance Crisis Is Not a Regulatory Gap, It Is a Sovereignty Emergency

Africa's looming AI rules expose a deeper problem: foreign-controlled infrastructure, weak enforcement capacity and externally governed data flows are eroding digital sovereignty, leaving states unable to regulate, protect citizens or meet global obligations. more

Securing Africa’s Digital Future: Why Cybersecurity Must Lead Digital Transformation

Africa's rapid digital expansion, from fintech to e-government, is outpacing its cybersecurity capacity, leaving critical systems exposed and trust at risk unless governments embed security as a core pillar of development across the continent today. more

Why Africa’s Cybersecurity Problem Has Nothing to Do with Hackers

Africa's cybersecurity failures stem less from sophisticated hackers than from insecure system design, weak governance and limited skills, leaving institutions exposed and shifting the challenge from external threats to internal accountability and resilience. more

How DNSXplore Strengthens Internet Trust Across the Global DNSSEC Landscape

A once-trusted internet protocol is showing its age. DNSXplore, a global DNSSEC archive, exposes weaknesses, improves diagnostics and nudges adoption, helping secure the cryptographic chain underpinning online trust. more

U.S. Blocks Foreign-Made Routers Over Cybersecurity Fears

America has barred imports of new foreign-made routers, citing cybersecurity risks tied to espionage and infrastructure disruption, signalling a broader push to reduce reliance on Chinese technology in critical network systems. more

Trusted Notifier Network (TNN) Core Concept 1: Unfair Cost Transfer and Reversal of Commercial Best

A flawed abuse-response system shifts costs from perpetrators to intermediaries, overwhelming enforcement. The Trusted Notifier Network seeks to realign incentives, curb low-quality reporting, and restore efficiency by embedding trust, accountability, and cost redistribution. more