Cybersecurity |
Sponsored by |
|
This is an overview of the booklet, "Internet Governance: Issues, Actors and Divides," recently published by DiploFoundation and the Global Knowledge Partnership. "Internet Governance is not a simple subject. Although it deals with a major symbol of the DIGITAL world, it cannot be handled with a digital - binary logic of true/false and good/bad. Instead, the subject's many subtleties and shades of meaning and perception require an ANALOGUE approach, covering a continuum of options and compromises." Update: This article was reposted with additional information and a new title. more
Hackers are using company domain names for malicious attacks more than ever before. Established research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered, confusingly similar domain name, or via email header spoofing. Domain security intelligence is the first line of defense in preventing domain cyberattacks. more
As 2019 wrapped up, we took some time to reflect on some of the most impactful digital developments of the past decade and how they helped change our digital lives, including: the rise of mobile and tablet usage; the importance of mobile apps; the explosion of social media and online gaming; cloud computing; domain names, brand protection and the impact of GDP. Now that we've passed the New Year, it's time to look forward. more
We are approaching the end of this 10 part series on the most common IPv6 security myths. Now it's time to turn our eyes away from security risks to focus a bit more on security resources. Today's myth is actually one of the most harmful to those who hold it. If you believe that there is no good information out there, it's nearly impossible to find that information. So let's get down to it and dispel our 9th myth. more
The Network Time Protocol (NTP) has been in the news a number of times over the past couple of years because of attacks on the protocol, vulnerabilities in the daemon, and the use of NTP in DDoS attacks. In each case, the developers of NTP have responded quickly with fixes or recommendations for remediating these attacks. Additionally, the development team has continued to look ahead and has worked to enhance the security of NTP. Unfortunately, that has not translated to an improved security picture for NTP. more
The House Committee on Science recently held a hearing to "examine the extent of U.S. vulnerability to cyber attacks on critical infrastructure such as utility systems, and what the federal government and private sector are doing, and should be doing, to prevent and prepare for such attacks." Specific issues addressed at the hearing included whether: 1) the U.S. is able to detect, respond to, and recover from cyber-attacks on critical infrastructure; and 2) is there a clear line of responsibility within the federal government to deal with cybersecurity... more
As we, here in the United States celebrate our independence this Fourth of July, we are reminded that the liberties and freedoms that come with that independence have yet to be won online. As citizens of this country we are blessed with safety and security from threats both foreign and domestic, but those guarantees have not yet extended to our citizenship in the global Internet community. This is true not just for American citizens, but for all Internet users throughout the world. more
"Is Your Internet Up-To-Date?" Does your existing Internet connection work with IPv6 and DNSSEC? Do your web sites support IPv6, DNSSEC and TLS? Is there a quick way to find out? Earlier this month a new site, Internet.nl, was launched to make this all easy for anyone to test. All you do is visit the site at en.internet.nl (also available in Dutch) and just follow the very easy links. more
Most of our IPv6 Security Myths are general notions, often passed on unwittingly between colleagues, friends, conference attendees, and others. Today's myth is one that most often comes specifically from your vendors or suppliers. Whether it's a hardware manufacturer, software developer, or Internet Service Provider (ISP), this myth is all about trust, but verify. more
The latest Anti-Phishing Working Group (APWG) Global Phishing Survey, which analyzed over 100,000 phishing attacks in the first half of 2014, examines the progress that top level domains (TLDs) are making in responding to phishing attacks that use their TLDs. The report finds the .INFO domain has the lowest average phishing uptimes as compared to other TLDs, such as .COM and .NET. more
In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes. more
Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more
At the ENISA presentation on her botnet report at eco in Cologne, 9 and 10 March, one of the slots was dedicated to threats to the mobile environment. The message I was supposed to come home with was: we can still count the numbers of mobile viruses manually, <600; the problem will never be the same as on a fixed network as traffic is monitored and metered: We detect it straight away. We are studying the problem seriously. Are mobile operators really prepared for what is coming? more
This week's myth is interesting because if we weren't talking security it wouldn't be a myth. Say what? The phrase "96 more bits, no magic" is basically a way of saying that IPv6 is just like IPv4, with longer addresses. From a pure routing and switching perspective, this is quite accurate. OSPF, IS-IS, and BGP all work pretty much the same, regardless of address family. Nothing about finding best paths and forwarding packets changes all that much from IPv4 to IPv6. more
"GOD, at least in the West, is often represented as a man with a flowing beard and sandals. Users of the Internet might be forgiven for feeling that nature is imitating art — for if the Net does have a god he is probably Jon Postel" (The Economist, Feb. 1997) David W. Maher, Senior Vice President, Law and Policy of Public Interest Registry (PIR) offers his reminiscence of the early days of the Internet and attempts made to restructure the Domain Name System — an article he has entitled 'Reporting to God'. more
A World-Renowned Source for Internet Developments. Serving Since 2002.