Cybersecurity |
Sponsored by |
|
The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more
A group of experts from Interisle Consulting Group released a paper today, reporting a comprehensive study of the phishing landscape in 2020. The study's goal was to capture and analyze a large set of information about phishing attacks to better understand how much phishing is taking place, where it is taking place, and better ways to fight them. more
Due to increased legislative interest in this topic, CENTR says there is a pressing need for comprehensive educational material on the technical capabilities of the DNS, ccTLDs and their role in the internet ecosystem. more
As the steward of .ORG, Public Interest Registry is committed to serving as an "exemplary registry" for the DNS. As part of that mission, PIR published our Anti-Abuse Principles last year that serve as our north star to address questions of abuse. As PIR has stated on many occasions, generally speaking, the DNS is not the appropriate place to address questions of website content abuse because of the blunt tool we as a registry have and the collateral damage that can be caused by suspending a domain name for a piece of content. more
As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more
Apple announced its decision to trust only one-year digital certificates on its Safari browser in February 2020. This decision created a domino effect, with Mozilla and Google following suit; certificate providers announced they would not issue two-year certificates after Aug. 19, 2020. We wrote an article in March to help brands to prepare for this change. more
If you are interested in presenting at the ICANN 69 DNSSEC and Security Workshop during the week of 17-22 October 2020, please send a brief (1-2 sentence) description of your proposed presentation to [email protected] by 27 August 2020. We are open to a wide range of topics related to DNS, DNSSEC, DANE, routing security, and more. There are some ideas in the Call for Participation below, but other ideas are definitely welcome, too! more
CENTR has published a white paper separating registry lock services into two standardized models. This categorization and the included recommendations can help top-level domain registries (re)design their registry lock services. The aim of the paper is to reduce fragmentation in implementation between registries to explain the value of registry lock to domain holders more easily. more
One of the "fathers of the internet," Vint Cerf, in a September 2019 article he published, said: "Today, hackers routinely break into online accounts and divert users to fake or compromised websites. We constantly need to create new security measures to address them. To date, much of the internet security innovation we've seen revolves around verifying and securing the identities of people and organizations online. more
On June 3, 2020, EURid, the registry for .EU domains, published its timeline and action plan to withdraw and delete .EU domains registered to entities and individuals located in the U.K. ... Following the .EU regulations that were published on March 29, 2019, registrations of .EU domain names may be held by EU citizens, citizens of Iceland, Liechtenstein, and Norway, independent of their place of residence -- as well as organizations that are established in the EU. more
If you read this blog, you've probably heard by now about the massive Twitter hack. Briefly, many high-profile accounts were taken over and used to tweet scam requests to send Bitcoins to a particular wallet, with the promise of double your money back. Because some of the parties hit are sophisticated and security-aware, it seems unlikely that the attack was a straightforward one directly on these accounts. more
As we approach four months since the WHO declared COVID-19 to be a pandemic, and with lockdowns and other restrictions continuing in much of the world, it is worth reflecting on how the Internet has coped with the changes in its use, and on what lessons we can learn from these for the future of the network. The people and companies that build and operate the Internet are always planning for more growth in Internet traffic. more
At the 44th Session of the Human Rights Council, we heard how 1 billion children in 2019 who were subjected to various forms of violence and the need for more action to protect children according to the Special Rapporteur. The United Nations Committee on the Rights of the Child released Guidelines on the implementation of the international treaty that bans child pornography, proposing to expand its interpretation to include bans on drawings and stories that sexually depict minors. more
The Internet is a catalyst for what has revolutionised and transformed human societies in giving extraordinary access to information that has catapulted development and economic growth. It also comes with threats of exploitation by those who wish to do harm. In Part 1 of these series, we looked at how Twitter banned Graham Linehan for his tweet where we saw that to an extent, it was justifiable under Californian law but that a Judge in the Fiji courts would disagree with. more
Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more
A World-Renowned Source for Internet Developments. Serving Since 2002.