Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
As we, here in the United States celebrate our independence this Fourth of July, we are reminded that the liberties and freedoms that come with that independence have yet to be won online. As citizens of this country we are blessed with safety and security from threats both foreign and domestic, but those guarantees have not yet extended to our citizenship in the global Internet community. This is true not just for American citizens, but for all Internet users throughout the world. more
Cybercriminals live by the tenet "If it ain't broke, don't fix it." They'll use the same tactics repeatedly until they no longer work, then switch things up. That's why CISOs and their security teams maintain constant vigilance. Underscoring this, recent analysis of global DNS activity found that new domains continue to be a major tactic for bad actors. more
Let's be honest about it. Nobody -- including those very clever people that were present at its birth -- had the slightest idea what impact the internet would have in only a few decades after its invention. The internet has now penetrated every single element of our society and of our economy, and if we look at how complex, varied and historically different our societies are, it is no wonder that we are running into serious problems with the current version of our internet. more
Despite global polarization, recent UN cyber diplomacy has achieved three significant agreements in 2024: a cyber attack reporting system, a convention against cybercrime, and a "Global Digital Compact." These successes show that consensus on global issues is possible, though the vague wording of agreements raises concerns about their long-term effectiveness in ensuring security and peace. more
FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more
"Is Your Internet Up-To-Date?" Does your existing Internet connection work with IPv6 and DNSSEC? Do your web sites support IPv6, DNSSEC and TLS? Is there a quick way to find out? Earlier this month a new site, Internet.nl, was launched to make this all easy for anyone to test. All you do is visit the site at en.internet.nl (also available in Dutch) and just follow the very easy links. more
We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more
In a developing cybersecurity concern, IT experts and researchers warn of potential misuse of Google's new .zip and .mov top-level domains (TLDs), which they argue could be exploited for phishing attacks and malware distribution. more
I had the pleasure of eating breakfast with Vint Cerf, chairman of ICANN's board and Chief Internet Evangelist at Google, prior to his keynote address this morning. It was great to discuss some of the issues domainers are facing with regards to registrar practices, expiring domains, etc. directly with Cerf. Cerf's keynote kept the crowd engaged. I've summarized the topics he covered... Some people have misunderstood Cerf's position with regards to adding new domains. He said he is not opposed to adding new TLDs. What he advocates, however, is having a solid rationale for adding new TLDs. Cerf believes the processes and outcomes of the first two rounds of TLD adds were not satisfactory... more
An anonymous tip has lead security experts Brian Krebs and Matthew Chambers to four years of access logs for the entire network of more than 1,000 dot-cm typosquatting domains. more
We are approaching the end of this 10 part series on the most common IPv6 security myths. Now it's time to turn our eyes away from security risks to focus a bit more on security resources. Today's myth is actually one of the most harmful to those who hold it. If you believe that there is no good information out there, it's nearly impossible to find that information. So let's get down to it and dispel our 9th myth. more
Earlier this week in a press release, VeriSign said that they are selling their SSL certificate business to Symantec. VeriSign is the dominant player in this market, having absorbed competitor Thawte in 1999, and Geotrust in 2006. Three years ago, when VeriSign decided to divest its non-core businesses, they kept the certificate business. So what's changed? more
ICANN has announced today that it has tentatively agreed to settle a longstanding dispute with VeriSign Inc. The dispute which began in part from SiteFinder, a controversial search service VeriSign created in late 2003 for users who mistype Web addresses. The following is an excerpt from today's press release... more
The Latin America and Caribbean Domain Name System (LAC DNS) Forum will be held on November 15, 2013 in Buenos Aires, Argentina. This follows on a similar initiative that took place at ICANN 47 in Durban, South Africa. The event's global, regional and local organizers plan to address key online issues, including more regional involvement with Internet governance. more
I have long been intrigued by the question of how do we turn the internet into a lifeline grade infrastructure... My hope that this will occur soon or even within decades is diminishing. Most of us observe, almost daily, how even well established infrastructures tend to crumble when stressed, even slightly... I was at the O'Reilly Etel conference last week. The content was impressive and the people there were frequently the primary actors in the creation and deployment of VOIP. However, not once during the three days did I hear a serious discussion by a speaker or in the hallways about how this evolving system would be managed, monitored, diagnosed, or repaired. more
A World-Renowned Source for Internet Developments. Serving Since 2002.