Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The DoC seems to have finally realized it went too far by using ICANN to serve the interests of some conservative groups, as mentioned in a previous post. The new story is now that the ICANN board did not reject the .XXX application as such, but only the agreement negotiated between ICM Registry and the ICANN staff at that time. How subtle these things are... more
As digital technologies intertwine ever more closely, new vulnerabilities are surfacing in unexpected places. A recent UK government report highlights how the convergence of emerging technologies - such as artificial intelligence (AI), blockchain, quantum computing, and the Internet of Things (IoT) - is generating complex cybersecurity risks across critical sectors. more
The Securities and Exchange Commission has issued an updated guidance for public companies in preparing disclosures about cybersecurity risks and incidents. more
Various sources including South Korea's news agency Yonhap are reporting that a hacker group has threatened to launch a DDoS attack against seven South Korean banks unless they pay about 360 million won (US$315,000) in bitcoin. more
Despite widespread concern about the security of mobile and Internet of Things (IoT) applications, organizations are ill-prepared for the risks they pose, according to a research report issued today from Ponemon Institute, IBM Security, and Arxan Technologies. more
This is the first in a series of releases that tie extensive code injection campaigns directly to policy failures within the Internet architecture. In this report we detail a PHP injection found on dozens of university and non-profit websites which redirected visitor's browsers to illicit pharmacies controlled by the VIPMEDS/Rx-Partners affiliate network. This is not a unique problem, however the pharmacy shop sites in question: HEALTHCUBE[DOT]US and GETPILLS[DOT]US should not even exist under the .US Nexus Policy. more
Yesterday Verisign sent ICANN a most interesting white paper called New gTLD Security and Stability Considerations. They also filed a copy with the SEC as an 8-K, a document that their stockholders should know about, It's worth reading the whole thing, but in short, their well-supported opinion is that the net isn't ready for all the new TLDs, and even if they were, ICANN's processes or lack thereof will cause other huge problems. more
Over the last 5 years, hacktivists have continued the practice of redirecting well-known domain names to politically motivated websites utilizing tactics such as SQL injection attacks and social engineering schemes to gain access to domain management accounts -- and that, in and of itself, is not surprising. But what IS surprising is the fact that less than 15% of the 500 most highly trafficked domains in the world are utilizing Registry Locking. more
When it comes to building a robust globe-spanning network of crimeware and making the victims dance to a tune of the cyber-criminals' choosing, you're guaranteed to find domain name abuse at the heart of the operation. DNS provides the critical flexibility and underlying scalability of modern command-and-control (C&C) infrastructure. Cyber-criminals that master DNS (and manage to maintain the stream of new domain registrations that keep it fed) tend to find themselves in command of the largest and most profitable crimeware networks. more
The European Union is increasingly wielding domain name deletions as a tool of financial enforcement - a trend sparked by the Markets in Crypto-Assets Regulation (MiCA) and now spreading across other legislative efforts such as the Financial Data Access Framework (FiDA) and the Payment Services Regulation (PSR). more
Digital Transformation (DX) is picking up speed. According to a recent announcement by IDC, the market is expected to grow at a Compounded Annual Growth Rate (CAGR) of 17.9% to reach a whopping 321 billion dollars by 2021. In 2018 alone, IDC expects that 326 billion will be spent on transforming how people and things communicate. Based on these numbers, it looks like Digital Transformation has become the real deal. more
I got an e-mail from someone currently attending the Internet Governance Forum (IGF) meeting in Geneva. The e-mail ended up in my spam folder because the IP address used for the wireless LAN at the meeting is on a spambot/virusbot blacklist, namely cbl.abuseat.org. Apparently some guy there has his computer infected by a spambot or a virusbot... more
As the industry-wide paradigm shift to cloud computing and software-as-a-service gradually continues to make the transition from buzz to reality, security and availability continue to emerge as the main barriers to customer adoption. A recent ISACA survey of over 1,800 US IT professionals found that only 17 percent believe the benefits of cloud computing outweigh the risks. Only one in 10 respondents said they would consider using software-as-a-service (SaaS) for mission-critical applications. more
Last week at the ICANN meeting in Nairobi, a plan was announced by ICANN staff to create a "CERT" for DNS. That's a Community Emergency Response Team (CERT) for the global Domain Name System (DNS). There are all kinds of CERTs in the world today, both inside and outside the Internet industry. There isn't one for DNS, and that's basically my fault, and so I have been following the developments in Nairobi this week very closely. more
WannaCry, originated firstly in state projects but spread by other actors, has touched upon myriads of infrastructure such as hospitals, telecommunication, railroads that many countries have labelled as critical. IT engineers are hastily presenting patching codes in various localized versions. The other patch needed, however, is more than technical. It is normative and legislative. The coding of that patch for a situation like this is in two layers of dilemma. more
A World-Renowned Source for Internet Developments. Serving Since 2002.