Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
I've written recently about a general purpose method called DNS Response Policy Zones (DNS RPZ) for publishing and consuming DNS reputation data to enable a market between security companies who can do the research necessary to find out where the Internet's bad stuff is and network operators who don't want their users to be victims of that bad stuff... During an extensive walking tour of the US Capitol last week to discuss a technical whitepaper with members of both parties and both houses of the legislature, I was asked several times why the DNS RPZ technology would not work for implementing something like PROTECT-IP. more
This week's myth is interesting because if we weren't talking security it wouldn't be a myth. Say what? The phrase "96 more bits, no magic" is basically a way of saying that IPv6 is just like IPv4, with longer addresses. From a pure routing and switching perspective, this is quite accurate. OSPF, IS-IS, and BGP all work pretty much the same, regardless of address family. Nothing about finding best paths and forwarding packets changes all that much from IPv4 to IPv6. more
You all remember cybersquatting, a popular sport in the late 90s, right? McDonalds.com, JenniferLopez.com, Hertz.com and Avon.com thankfully all point to the right web sites today, but thaiairline.com, mcdonald.com, luftansa.com, gugle.com, barnesandnobles.com and other misspellings are fake web sites intended to trap the casual surfer with a hand that's a bit too much quicker than the eye... If you want to go to the McDonalds web site, you don't even spend the 10 seconds to look it up -- you will type McDonalds.com and expect to see the latest dollar meal menu. But the same is true for the other popular form of communication -- email... more
Distributed Denial-of-Service (DDoS) attacks will become larger in scale, harder to mitigate and more frequent, says Deloitte in its annual Global Predictions report. more
Swedish Regulator PTS have today notified .SE, the Swedish (.SE) TLD registry that they have to change the rules... In short, the decision implies that any form of the sequence of the characters "b", "a", "n", "k" are illegal in domain names in Sweden. Further that checks of what domain names are registered are to be checked before registration. more
Many of us were expecting radical changes in 2010 to the domain name market. There definitely were some of those -- just not the ones I expected. From the seizure of domains names by the US Government to ICANN's removal of restrictions on Registry/Registrar cross-ownership, 2010 was a year full of surprises. In this post, I've compiled what I think were the biggest domain name stories in 2010. more
Cybersecurity and artificial intelligence were among the key topics at the 79th UN General Assembly (UNGA). UNGA's 1st Committee, responsible for disarmament and international security, concluded its negotiations in mid-November 2024. It discussed the 3rd Annual Progress Report (APR) of the Open-Ended Working Group (OEWG) and adopted a resolution that recommends, inter alia, the establishment of a new permanent cybersecurity mechanism within the UN system. Furthermore, it adopted two resolutions on autonomous weapon systems (AWS). more
Due to increased legislative interest in this topic, CENTR says there is a pressing need for comprehensive educational material on the technical capabilities of the DNS, ccTLDs and their role in the internet ecosystem. more
The quantum computing era is coming, and it will change everything about how the world connects online. While quantum computing will yield tremendous benefits, it will also create new risks, so it's essential that we prepare our critical internet infrastructure for what's to come. That's why we're so pleased to share our latest efforts in this area, including technology that we're making available as an open source implementation to help internet operators worldwide prepare. more
The cybersecurity landscape in 2024 has been characterised by unprecedented complexity and rapidly evolving threats, presenting significant challenges for organisations across all sectors. As the digital attack surface expands and threat actors employ increasingly sophisticated techniques, domain security has emerged as a critical component of a robust cybersecurity strategy. more
As we approach four months since the WHO declared COVID-19 to be a pandemic, and with lockdowns and other restrictions continuing in much of the world, it is worth reflecting on how the Internet has coped with the changes in its use, and on what lessons we can learn from these for the future of the network. The people and companies that build and operate the Internet are always planning for more growth in Internet traffic. more
I use Paypal, and I am quite satisfied with how it helps me with my business: it is still a little hard to use, and I don't use all functions of the tool, but it is not so expensive, it is fast and efficient, and Paypal does not send so many emails. In one word, Paypal rocks... The only problem that I have with Paypal is the number of fake emails that I receive. Of course, I easily identify them as they come in and luckily, G Suite (Gmail) does an excellent job at blocking all spam and phishing. more
Afilias has informed registrars and registry clients that it is taking steps to remove orphan glue records from 200+ TLD zones in its care. This will eliminate the potential for a handful of domain names to be misused. "Glue records" enable websites and other uses of domain names to work on the internet. They are related to DNS domain name delegations and are necessary to guide iterative resolvers to delegated nameservers. more
Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users. more
Today we continue with part 2 of the 10 part series on IPv6 Security Myths by debunking one of the myths I overhear people propagating out loud far too much: That you don't need to worry about security because IPv6 has it built into the protocol. In this post, we'll explore several of the reasons that this is in fact a myth and look at some harsh realities surrounding IPv6 security. more
A World-Renowned Source for Internet Developments. Serving Since 2002.