Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The following is a report by Susan Crawford at the ICANN meeting in Cape Town where a workshop was held yesterday for increasing awareness and understanding of United Nation's World Summit on the Information Society (WSIS) and issues that directly impact ICANN. "WSIS" is defined as a process in which governments intend to address a broad range of international legal, regulatory, economic, and policy issues related to the Internet. Some governments have proposed that an intergovernmental organization be responsible for "Internet governance," a phrase that remains undefined and some consider to include and/or mean the administration and coordination of the domain name system (DNS). more
Over the past 30 years the Domain Name System has become an integral part of the operation of the Internet. Due to its ubiquity and good performance, many new applications over the years have used the DNS to publish information. But as the DNS and its applications have grown farther from its original use in publishing information about Internet hosts, questions have arisen about what applications are appropriate for publication in the DNS, and how one should design an application to work well with the DNS. more
There are many news reports of a ransomware worm. Much of the National Health Service in the UK has been hit; so has FedEx. The patch for the flaw exploited by this malware has been out for a while, but many companies haven't installed it. Naturally, this has prompted a lot of victim-blaming: they should have patched their systems. Yes, they should have, but many didn't. Why not? Because patching is very hard and very risk, and the more complex your systems are, the harder and riskier it is. more
I have previously pointed out the shortcomings of good and user friendly support for DNSSEC in Microsoft's Server 2008 R2. During the period just after I wrote the post, I had a dialogue with Microsoft, but during the last months there has been no word at all. The reason I bring this up again is that more and more Top Level Domains (TLDs) now enable DNSSEC and also the fact that within six months the root will be signed. more
No that's not really happening, Google is not buying VeriSign. But given Google's ravenous appetite for data, it might find VeriSign quite attractive. VeriSign has both root domain name servers and servers for the .com and .net top level domains (TLDs). VeriSign could data mine the queries coming into those servers and produce a very valuable real-time stream of what users on the net are doing... Google just bought Postini -- and one would have to be fairly naive to believe that Google does not intend to dredge through all... more
As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the "killer app" of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us have become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the free and open source software (FOSS) community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004. more
At the ENISA presentation on her botnet report at eco in Cologne, 9 and 10 March, one of the slots was dedicated to threats to the mobile environment. The message I was supposed to come home with was: we can still count the numbers of mobile viruses manually, <600; the problem will never be the same as on a fixed network as traffic is monitored and metered: We detect it straight away. We are studying the problem seriously. Are mobile operators really prepared for what is coming? more
In many respects the internet is going to hell in a hand basket. Spam, phishing, DNS poisoning, DDoS attacks, viruses, worms, and the like make the net a sick place. It is bad enough that bad folks are doing this. But it is worse that just about every user computer on the net offers a nice fertile place for such ill behavior to be secretly planted and operated as a zombie under the control of a distant and unknown zombie farmer. ...Some of us are coming to the converse point of view that the net is being endangered by the masses of ill-protected machines operated by users. more
At the Internet Governance Forum in Baku, I made an intervention on behalf of NL IGF, reporting on the recommendations given by the participants of Workshop 87... I concluded that more regulatory and law enforcement bodies need to become part of the IGF discussions, as they are an integral part of governing the Internet from a safety and security perspective. Mr. Cerf responded with a one-liner: "I can't help observing, if we keep the regulatories confused, maybe they will leave us alone". more
Cybercriminals live by the tenet "If it ain't broke, don't fix it." They'll use the same tactics repeatedly until they no longer work, then switch things up. That's why CISOs and their security teams maintain constant vigilance. Underscoring this, recent analysis of global DNS activity found that new domains continue to be a major tactic for bad actors. more
In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more
I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more
Although IPv6 DDoS attacks are not yet a common occurrence, there are indications that malicious actors have started testing and researching IPv6 based DDoS attack methods. more
On 24 May, NIST published recommendations that are a key component of the U.S. cybersecurity ecosystem -- known as vulnerability disclosure guidelines. NIST (National Institute of Standards and Technology) is an agency of the Department of Commerce whose mission includes "developing cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public." more
A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.