Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
As digital technologies intertwine ever more closely, new vulnerabilities are surfacing in unexpected places. A recent UK government report highlights how the convergence of emerging technologies - such as artificial intelligence (AI), blockchain, quantum computing, and the Internet of Things (IoT) - is generating complex cybersecurity risks across critical sectors. more
According to the APWG's new Phishing Activity Trends Report released today, phishers are using new techniques to carry out their attacks and hide their origins in order to make the most of every phishing campaign. more
The cybersecurity landscape in 2024 has been characterised by unprecedented complexity and rapidly evolving threats, presenting significant challenges for organisations across all sectors. As the digital attack surface expands and threat actors employ increasingly sophisticated techniques, domain security has emerged as a critical component of a robust cybersecurity strategy. more
I consult on communication issues for Neustar, an Internet infrastructure company. As most CircleIDers know, Neustar works behind the scenes to ensure the smooth operation of many critical systems like DNS, .us and .biz, local number portability and digital rights management. One of the cool things about working for them is the chance to attend the events they sponsor. Last week Neustar held a security briefing for senior federal IT personnel focused on Cybersecurity and Domain Name System Security Extensions (DNSSEC)... more
Declan McCullagh recently opined that the "FBI [and the] DEA warn [that] IPv6 could shield criminals from police." His post was picked-up relatively widely in the past few days, with the headlines adding more hyperbole along the way. So just how real is this threat? Let's take a look. more
The European Union is increasingly wielding domain name deletions as a tool of financial enforcement - a trend sparked by the Markets in Crypto-Assets Regulation (MiCA) and now spreading across other legislative efforts such as the Financial Data Access Framework (FiDA) and the Payment Services Regulation (PSR). more
There is considerable coverage this morning (or this evening in Tunis) on the last minute WSIS deal struck yesterday. The gist of the coverage rightly reports that the U.S. emerged with the compromise they were looking for as the delegates agreed to retain ICANN and the ultimate U.S. control that comes with it (note that there is a lot in the WSIS statement that may ultimately prove important but that is outside the Internet governance issue including the attention paid to cybercrime, spam, data protection, and e-commerce). This outcome begs the questions -- what happened? And, given the obvious global split leading up to Tunis, what changed to facilitate this deal? more
While travelling home from Geneva, I was thinking quite a lot on the relationship between a ccTLD (registry) and a Country. This is because many countries are starting to talk louder and louder about the responsibilities Countries have on critical infrastructure, or (possibly more important) the management of the critical infrastructure. Will for example any (none?) of ccTLD operators (servers) sustain a denial of service attack of a scale similar to the attack on the root servers? What can ccTLD operators do to resist the malicious attacks? Should this be discussed? more
It is one of those surreal, ironic moments in time. This coming week, an event called the Internet Governance Forum (IGF) 2017 will be held at Geneva in the old League of Nations headquarters now known as the Palais des Nations. On its agenda is a workshop to discuss "A Digital Geneva Convention to protect cyberspace." If the IGF participants, as they enter the Palais grounds, simply look in the opposite direction south across the Place des Nations, they would see 100 meters away, a glass cube building provided by the Republic and Canton of Geneva. more
For four days in Southern France, cybersecurity experts from a broad array of different countries and sectors gathered for the annual ETSI Security Conference. The event undertaken by one of the world's major industry information-communication (ICT) standards organisations was intended to take stock of the state of cybersecurity and trends. more
In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNS Security Extensions (DNSSEC). In this post, I'll look at hash-based signatures, a family of post-quantum algorithms that could be a good match for DNSSEC from the perspective of infrastructure stability. more
Well, it's a yearly tradition in the western hemisphere that at the end of the year, we compose a top 10 list of the 10 most
An industry professional at Abusix is the backbone behind a proposal to improve and create better mitigation of abuse across different global internet networks. Basically, this introduces a mandatory "abuse contact" field for objects in global Whois databases. This provides a more efficient way for abuse reports to reach the correct network contact. Personally - as a Postmaster for a leading, white-label ISP, I applaud this with great happiness for multiple reasons. I also feel people who handle abuse desks, anti-abuse roles, etc. should closely follow this. more
The Internet Commerce Association (ICA) has posted a position paper and analysis of S. 2661, introduced on 2/25/08 in the US Senate. While we are firmly opposed to phishing and other criminal activities that may utilize domain names we are very concerned about the provisions of the proposal that appear to provide trademark owners with a means to avoid both UDRP and ACPA actions and alternatively bring private claims against domain names with a lower burden of proof and the potential for far higher monetary damages, without even requiring an allegation that the DN was in any way being utilized in a phishing scheme... more
It seems like there is more disturbing news every day about Chinese infiltration of our telecommunications networks. A recent headline said that nine large ISPs have now been infiltrated. Tom Wheeler, a previous Chairman of the FCC, recently wrote an article for the Brookings Institute that speculates that the ability of the Chinese to infiltrate our networks stems back to decisions made decades ago that have never been updated for the modern world of sophisticated hacking. more
A World-Renowned Source for Internet Developments. Serving Since 2002.