Cybersecurity

Privacy and Trust Go Hand-In-Hand

A few days ago, Eric Goldman wrote an interesting thinkpiece in CircleID regarding users' feeling about privacy. He seems to conclude that the existent regulations and policies on the matter are unnecessary, since Privacy doesn't "really" matters to the consumer. Eric based his argumentation on a number of surveys, stating that, even when the user expresses concerns about their privacy, on line behavior shows a different reality. We don't want to discuss here the soundness of surveys as a reliable source of information, but the author could be assuming too much in his analysis. more

U.S. Senate’s Hearing on ICANN

Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.

At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:

"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more

NANOG 95: From Faster Fibre to Route Leaks, Operators Face Old Problems with New Tools

The NANOG 95 conference spotlighted breakthroughs in fibre optics, wireless technology, routing security, and quantum computing, offering a forward-looking assessment of internet infrastructure and its vulnerabilities, as reported by APNIC's Geoff Huston. more

Google’s Lighthouse Lawsuit - Disrupting the Cybercrime Supply Chain

Google's lawsuit against the Lighthouse phishing syndicate exposes the industrial scale of cybercrime, highlighting how criminals exploit easy access to digital infrastructure to scam millions. The broader supply chain enabling such operations demands urgent reform. more

AI System Abused in China-Linked Cyberattack, Says Anthropic

A Chinese-linked cyberattack exploited Anthropic's Claude AI to infiltrate global institutions with limited human input, prompting urgent calls for regulation and sparking debate over the growing autonomy of artificial intelligence in digital threats. more

AI-Powered Malware Evolves: Google Uncovers Live Use of Generative Models in Active Intrusions

Google's Threat Intelligence Group reveals that hackers are integrating AI models directly into malware, enabling live code mutation, stealthier operations, and dynamic payload execution while exploiting AI tools through deceptive prompts and underground marketplaces. more

Preparing DNSSEC for the Post-Quantum Era

To prepare DNS security for a post-quantum future, Verisign and partners are testing new cryptographic strategies that balance security, performance, and feasibility, especially through the novel Merkle Tree Ladder mode for managing large signatures. more

The Hidden Risks of AI Notetakers: Precaution or Paranoia?

As AI notetakers become common in virtual meetings, concerns grow over data privacy, potential misuse, and the risks of unknowingly sharing sensitive corporate information with unseen third parties beyond organizational control. more

Microsoft Warns Extortion Drives Majority of Attacks Amid AI Escalation, Identity Collapse, and Global Fragmentation

Microsoft's latest Digital Defense Report reveals how cybercriminals and nation-states are rapidly adopting AI to enhance attacks. With identity-based threats soaring, the company urges urgent modernization of security systems and global cooperation. more

eco and AV-Test Publish Monthly topDNS Reports for Internet Service Providers

eco's topDNS initiative and AV-Test are publishing monthly reports to help ISPs detect and mitigate DNS abuse by analysing malware, phishing, and PUA trends, creating a long-term data foundation for industry-wide transparency. more

Centralizing DNS Data for Security, Compliance, and Performance

Private DNS data lakes consolidate fragmented logs into a centralised platform, improving visibility, security, and compliance. They enable advanced analytics, strengthen threat detection, and help organisations optimise network performance in increasingly complex IT environments. more

New Paper Proposes ‘Attested DNS’ to Secure Domain Names with Trusted Hardware

Azure researchers propose attested DNS, a system that embeds confidential computing into the internet's naming infrastructure. By binding domain names to trusted hardware and software, it enhances service verification while maintaining compatibility with existing web technologies. more

Hyper-Volumetric DDoS Attack Sets New Benchmark at 22.2 Tbps

A record-shattering DDoS attack peaking at 22.2 Tbps signals a new era of cyber aggression, driven by weaponized IoT botnets and raising urgent questions about global internet resilience. more

European Airports Still Reeling from Ransomware Attack as Software Fix Nears

European air travel remains disrupted today following a ransomware attack on Friday that crippled automated check-in and boarding systems across several major airports. The culprit appears to be malicious code targeting Muse, a system developed by Collins Aerospace, a subsidiary of RTX, which provides critical software to airlines. more

Study Finds IPv6 Adoption Exposes More Residential Devices to Unsolicited Traffic

As IPv6 adoption accelerates, a new study warns that the disappearance of NAT in home networks is exposing millions of devices to online threats -- potentially fueling a new wave of powerful IoT botnets. more