Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
I'm writing this from Taipei, where I have lived in peace for over 10 years. Sadly I learned that during this week, intermediate-range ballistic missiles (operated by China) have flown far above the capital of Taiwan and that five of them have landed in the waters of Japan's exclusive economic zone (EEZ). This provocative live-firing drill came as a direct response from China following Pelosi's visit. more
The GNSO Council and the ICANN Board both seem poised to grant sufficient runway to the community to refine an idea for a simple ticketing system designed to centralize requests for registrant information disclosures and provide meaningful data that is likely to help ICANN staff enhance its assessment of the SSAD proposal. This is very good news for those who advocate for consumer safety and trust on the Internet, and it is very good news for the ICANN multistakeholder model. more
The invasion of Ukraine by Russia on 24 February, and the events since, have shocked and horrified the world. The immediate focus must be on protecting the safety, security and human rights of the Ukrainian population. But we can already see how the war will also impact broader global events, discussions and behaviour, particularly relating to the digital environment. more
The UK government is proposing new regulations to strengthen cyber resilience in the private sector. Their intention is to expand cybersecurity rules for critical infrastructure (CI) operators to include managed service providers (MSPs), more stringent breach notification requirements, and legislation to establish the UK Cyber Security Council as the standards development organization for the cybersecurity profession. This is a welcomed development, but more details about implementation and enforcement are needed. more
The UK government launched its 2022 Cyber Security Strategy on 15 December 2021, outlining its ambitious plans to improve the resilience of UK institutions and businesses while protecting the country's interests in cyberspace. The strategy signals a more involved approach by the government, which previously relied heavily on the private sector for leadership. The government's stated commitment to a 'whole of society' approach sounds really good on paper, but what exactly does it really mean? more
In late 2021, the term Web3 began to increasingly appear in mainstream media outlets. This does not refer, however, to a sudden increase in interest in the Semantic Web as defined by Tim Berners-Lee, but rather to something entirely different. Enthusiasts of cryptocurrencies and nonfungible tokens (NFTs) seized this term and changed its meaning to reflect a supposed new stage of the Web, running on top of blockchains and having decentralization as its core value. To summarize the narrative being spun, the first generation of the Web afforded independence to the owners of websites, but this did not extend to the average user... more
As a designated committee of experts prepares to draft a new treaty to combat the use of information and communications technologies in cybercrime at the UN in January 2022, it is paramount that other stakeholders oversee these discussions to avoid violating human rights on the Internet. This initiative was kickstarted by a 2019 resolution led by Russia and endorsed by other countries considered by many to behavior controversially on cybersecurity matters, such as China, Venezuela, Cambodia, North Korea, and others. more
When we look at the intersection of cryptocurrency and domain data, we see something insidious: The prevalence of crypto-related threats. And it's not just cryptojacking. It's not even the use of cryptocurrency which has made ransomware attacks easier for threat actors to commit and all the more widespread. As with nearly every trend, there is always someone looking to capitalize on it and use it for their own, personal gain. Ever since cryptocurrency became the pandemic hobby of choice, threat actors have begun to target crypto novices for their schemes. more
As today is the Global Encryption Day, I decided to make my first post here on this topic. About two months ago, Apple caused a controversy by announcing the adoption of a measure to combat the spread of Child Sexual Abuse Materials (CSAM). The controversy was so huge that, a month after its announcement, Apple decided to postpone its plans for the new features to have more time to gather information from the various stakeholders and implement improvements before releasing the measures originally announced. more
Would you like to help guide the future of the Mutually Agreed Norms for Routing Security (MANRS) initiative? As the MANRS community continues to develop new efforts to make the routing layer of the Internet more secure (ex. the equipment vendor program), would you like to help lead the work? The MANRS community is seeking volunteers for its new Steering Committee. The committee will lead the community as it evolves its governance model. more
Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more
Much has been said about the criticality of the small coterie of large-scale content distribution platforms and their critical role in today's Internet. These days when one of the small set of core content platforms experiences a service outage, then it's mainstream news, as we saw in June of this year with outages reported in both Fastly and Akamai. In the case of Akamai, the June outage impacted three of Australia's largest banks, their national postal service, the country's reserve bank, and one airline... more
Following our previous article on the Euro 2020 football tournament that looked retrospectively at domain name registrations relating to the competition, this article considers activity on eCommerce marketplaces. For this study, our Discovery Engine technology was used to conduct a regular series of scans across key international online marketplaces. We monitored for listings (offers of sale) relating to Euro 2020 clothing and merchandise. more
As we finished this article, the world was hit by another global outage by content delivery network (CDN) provider, Akamai, on June 17, 2021. The cause seems to be related to the lack of capacity to a certain "routing table" of their distributed denial of service (DDoS) mitigation. Although the technical analysis is not yet available, the central premise of this article also applies to this incident, and it serves as a timely testimony. more
In the run-up to the postponed Euro 2020 football championships, we've analyzed historical registration trends in domains containing the terms "euro2020" or "euro2021." A number of previous studies -- looking at events as diverse as the COVID pandemic, the annual holiday season shopping events, and the Reddit campaign relating to the manipulation of the stock price of U.S.-based retailer GameStop -- show a link between real-world events and spikes in online activity. more
A World-Renowned Source for Internet Developments. Serving Since 2002.