Cybersecurity

A Research Finds Banking Apps Leaking Info Through Phones

A recent research seems to indicate that financial industries should increase the security standards they use for their mobile home banking solutions. IOActive Labs recently performed a black box and static analysis of worldwide mobile home banking apps. The research used iPhone/iPad devices to test a total of 40 home banking apps from the top 60 most influential banks in the world.

Significant Uptick Reported in Targeted Internet Traffic Misdirection

Jim Cowie of Renesys reports: Traffic interception has certainly been a hot topic in 2013. The world has been focused on interception carried out the old fashioned way, by getting into the right buildings and listening to the right cables. But there's actually been a significant uptick this year in a completely different kind of attack.

Upcoming Latin America and Caribbean DNS Forum

The Latin America and Caribbean Domain Name System (LAC DNS) Forum will be held on November 15, 2013 in Buenos Aires, Argentina. This follows on a similar initiative that took place at ICANN 47 in Durban, South Africa. The event's global, regional and local organizers plan to address key online issues, including more regional involvement with Internet governance.

IETF Reaches Broad Consensus to Upgrade Internet Security Protocols Amid Pervasive Surveillance

Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas.

IETF Looking at Technical Changes to Raise the Bar for Monitoring

During a speech last week at the Internet Governance Forum in Bali, Jari Arkko, IETF's chair, re-emphasized it's efforts to ramp up online security in light of recent revelations of mass internet surveillance. "Perhaps the notion that internet is by default insecure needs to change," Arkko said. Significant technical fixes "just might be possible."

John Crain Named ICANN’s New Chief Security, Stability and Resiliency Officer

John Crain has been named ICANN's new Chief Security, Stability and Resiliency Officer. In this newly created position Crain will assume the responsibilities of Jeff Moss, who announced he is stepping down from his position as Chief Security Officer at the end of the year.

Rodney Joffe on Security Vulnerabilities of Modern Automobiles

Rodney Joffe, Senior Technologist at Neustar, explaines that vehicles (beginning with 1998 models) are vulnerable to hacking, but manufacturers have been unable to fix the problem. In the video below, Joffe explains the challenge to cars and the possible threats that exist for other machines connected to a network.

Paul Mockapetris to Serve as Senior Security Advisor to ICANN’s Generic Domains Division

ICANN has announced that Paul Mockapetris, inventor of the Domain Name System (DNS), has agreed to serve as Senior Security Advisor to the Generic Domains Division and its President, Akram Atallah.

DDoS Awareness Day - Oct 23, Register Today for Live Virtual Event

In support of National Cyber Security Awareness Month, DDoS Awareness Day is a virtual, global event focused on raising awareness and education around the threat of DDoS attacks. Hosted by Neustar with and exclusive media partner CSO, DDoS Awareness Day brings together top experts in global security to share their views, technical tips and from-the-trenches experience. Attendees will also be given access to a wealth of DDoS materials: white papers, surveys, presentations, best practices and more.

Close to a Quarter of ZeroAccess Botnet Disabled, Reports Symantec

Symantec has disabled part of one of the world's largest networks of infected computers, according to reports today. About 500,000 hijacked computers have been taken out of the 1.9 million strong ZeroAccess botnet. The zombie computers were used for advertising and online currency fraud and to infect other machines. Security experts warned that any benefits from the takedown might be short-lived.

ANA: Concerns About ICANN’s New gTLD Plans Growing and Very Serious

In a recent blog post, Dan Jaffe, Association of National Advertisers' Executive VP of Government Relations, shares some concerns about ICANN's "overly rapid Top Level Domain rollout".

Bruce Schneier: Government and Industry Have Betrayed the Internet, and Us

Bruce Schneier in an op-ed piece published in the Guardian on Thursday writes: "Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract..."

Dotless Domains Considered Harmful, Says IAB

In light of recent controversies around the implementation of dotless domains, the Internet Architecture Board (IAB) has released a statement calling the practice harmful. From the executive summary: "It has come to the attention of the IAB that there are proposals for so-called "dotless" domains in the root zone, and that some existing top-level domains (TLDs) are already operating in such a mode. TLD operators of dotless domains are intending that single label names -- those containing no dots -- resolve to the TLD itself, rather than be resolved locally, within the context of the local site at which the user resides."

Renowned Security Expert Bruce Schneier Joins EFF Board of Directors

Schneier's insight is considered particularly important according to EFF, as more and more is learnt "about the unconstitutional surveillance programs from the National Security Agency and the depth and breadth of data the NSA is collecting on the public."

Google Data on State of Web Security

As part of its Transparency Report, Google recently released large amount of data related to unsafe websites. Google groups unsafe websites into two main categories: Malware and Phishing sites.