Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
In a non-operational NANOG discussion about Google bandwidth uses, several statements were made. It all started from the following post by Mark Boolootian: "Cringley has a theory and it involves Google, video, and oversubscribed backbones..." The following comment has to be one of the most important comments in the entire article and its a bit disturbing... more
The Internet is a great success and an abject failure. We need a new and better one. Let me explain why. We are about to enter an era when online services are about to become embedded into pretty much every activity in life. We will become extremely dependent on the safe and secure functioning of the underlying infrastructure. Whole new industries are waiting to be born as intelligent machines, widespread robotics, and miniaturized sensors are everywhere. more
Pretty much as long as there've been computers, one of the biggest challenges has been user education. How do you create software smart enough to inform a user when they're about to do something potentially disastrous - or, worse, when something disastrous has been done to them? As one of the world's largest access providers, Comcast has put a ton of thought into developing a notification system for their users. The solution Comcast developed involves, in effect, hijacking HTTP requests... more
A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more
Also known loosely as "phlashing" in some circles, Permanent Denial-of-Service (PDoS) is an increasing popular form of cyberattack that damages a system so badly that it requires replacement or reinstallation of hardware. more
Eurid, the operator of .EU, announced that it was cutting its wholesale price from 10 Euros to 5 Euros (about US$6.40 at today's rate). Is Eurid crazy? They're cutting the price in half! Eurid is acting as if unit cost should go down as sales increase! Haven't they learned the lesson... more
A look into the past reveals that continuous developments in weaponry technology have been the reason for arms control conventions and bans. The banning of the crossbow by Pope Urban II in 1096, because it threatened to change warfare in favour of poorer peasants, the banning of poisoned bullets in 1675 by the Strasbourg Agreement, and the Geneva protocol banning the use of biological and chemical weapons in 1925 after world war 1, all prove that significant technological developments have caused the world to agree not to use certain weapons. more
As warned by Dan Kaminsky, Paul Vixie, and numerous other experts experts, it was just a matter of time before an exploit code for the now public DNS flaw would surface. An exploit code for the flaw allowing insertion of malicious DNS records into the cache of target nameservers has been posted to Metasploit, a free provider of information and tools on exploit techniques. According to reports Metasploit creator, H D Moore in collaboration with a researcher named "|)ruid" from Computer Academic Underground, created the exploit, dubbed "DNS BaliWicked Attack", along with a DNS service created to assist with the exploit. more
If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more
For four days in Southern France, cybersecurity experts from a broad array of different countries and sectors gathered for the annual ETSI Security Conference. The event undertaken by one of the world's major industry information-communication (ICT) standards organisations was intended to take stock of the state of cybersecurity and trends. more
According to the APWG's new Phishing Activity Trends Report released today, phishers are using new techniques to carry out their attacks and hide their origins in order to make the most of every phishing campaign. more
The story about securing the DNS has a rich and, in Internet terms, protracted history. The original problem statement was simple: how can you tell if the answer you get from your query to the DNS system is 'genuine' or not? The DNS alone can't help here. You ask a question and get an answer. You are trusting that the DNS has not lied to you, but that trust is not always justified. more
The Cooperative Association for Internet Data Analysis (CAIDA) and the American Registry for Internet Numbers (ARIN) presented the results [PDF] of a recent IPv6 survey at the ARIN XXI Public Policy Meeting in Denver on April 7th. The survey involved over 200 respondents from a blend of Government, commercial organizations (including ISPs and end users), educational institutions, associations, and other profit and non-profit entities. The purpose of the survey, conducted between March 10th and 24th, was to capture IPv6 penetration data in the ARIN region... more
A new report published by the insurance giant, AIG, claims phishing attacks via email, often targeted at senior executives, has overtaken ransomware. more
Over the past days a lot has been said and written on counter hacking by enforcement agencies. The cause is a letter Dutch Minister I. Opstelten, Security & Justice, sent to parliament. Pros and cons were debated and exchanged. Despite the fact that I perfectly understand the frustration of enforcement agencies of having to find actionable data and evidence that gets criminals convicted in a borderless, amorphous environment, a line seems to be crossed with this idea presented to Dutch parliament. Where are we? more
A World-Renowned Source for Internet Developments. Serving Since 2002.