Cybersecurity

United States Steps Up Digital Incursions Into Russia’s Electric Power Grid, According to NYT

The United States has shifted its Russia strategy more toward offense and inserted potentially crippling malware inside Russia's electric power grid at a depth and with an aggressiveness that had never been tried before, according to a New York Times's story that broke over the weekend. more

Notorious Hacker Group XENOTIME Expands Its Targeting Beyond Oil and Gas to Electric Utility Sector

XENOTIME, the notorious group behind what is regarded as the most dangerous malware targetting industrial control systems has expanded its targeting beyond oil and gas to the electric utility sector. more

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more

Network Protocols and Their Use

In June, I participated in a workshop, organized by the Internet Architecture Board, on the topic of protocol design and effect, looking at the differences between initial design expectations and deployment realities. These are my impressions of the discussions that took place at this workshop. ... In this first part of my report, I'll report on the case studies of two protocol efforts and their expectations and deployment experience. more

State Department Should Return to Its Knitting

Having researched and written about the 100 year history of U.S. State Department's institutional machinations in the telecom/cyber sector, taught law school graduate courses, and worked with its bureaus and staff over the past 45 years, the latest twists and turns seem to repeat past mistakes. The fundamental problem is that the U.S. is the only country whose Foreign Ministry is given a significant role and engaged in telecom and cyber matters in global venues. more

A Quick Look at the 4 Most Prevalent Types of Threat Intelligence

You won't go far with your cybersecurity when you're relying on the wrong intelligence. This is simply because not all types of threat intelligence are equal. You might have experienced this yourself; investing time and resources into just one only to receive meagre results in the end. Sadly, many organizations fail to realize that depending on just a single source of information is a big mistake. more

Microsoft Becomes the Latest Company to Join the Internet Society’s MANRS Initiative

Microsoft has joined the Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society (ISOC) with the primary objective is to reduce the most common threats to the Internet's routing system. Microsft is the latest of a number of industry giants around the world - including Oracle, GÉANT, and Comcast - to join MANRS. more

UK Announces $28M Fund for Army Cyber Operations Centers

The UK Ministry of Defence has announced a £22m ($28 million) fund for the development of British Army cyber operations centers across the country. more

Baltimore Gets Hacked: Main Computer Systems Crippled, Experts Estimate Months to Recover

On May 7, hackers breached parts of the computer systems that run Baltimore's government, taking down essential systems such as voice mail, email, a parking fines database, payment systems used for water bills, property taxes, real estate transactions and vehicle citations. more

DDoS Storm Is Coming, Warn Researchers Noting an 84% Surge in the First Quarter of 2019

The number of DDoS attacks during the first three months of 2019 increased by 84%, compared with the previous quarter. more

Threat Intelligence Platform in Action: Investigating Important Use Cases

As technology gets more and more sophisticated, tech-savvy cybercriminals are having a field day devising increasingly ingenious ways to steal confidential data from ill-prepared targets. What this means is that an equally sophisticated cybersecurity response is needed to keep attackers at bay. This would involve re-examining reactive cybersecurity practices and adopting a proactive approach towards an active search for risks and vulnerabilities with the help of threat intelligence (TI). more

Two Years Later WannaCry Continues to Spread to Vulnerable Devices, Nearly 5M Devices Affected

Two years after the initial wave of WannaCry attack in May of 2017, security researchers say the ransomware continues to spread to vulnerable devices. WannaCry infection has affected close to 5 million devices to date. more

Huawei Says They Are Willing to Sign No-Spy Agreements With Governments

During a London conference, Huawei's chairman Liang Hua told reporters the company would sign no-spy agreements with governments as a response to United States' pressure on Europe to bar the Chinese telecommunications company over spying concerns. more

Efficient Threat Intelligence: Learning the Secrets

How can our threat intelligence platform deliver more? This is a question many business professionals employing threat intelligence practices are asking themselves as their companies continue to fall short against the machinations of modern-day cybercriminals. The truth is that while threat intelligence is certainly not a silver bullet, organizations often make a mistake when they opt for a platform without considering several important factors that can help them evaluate the market better and deploy the practice more effectively. more

UK Government Planning on New Laws for IoT Devices Including a Mandatory Security Labelling Scheme

The UK government on Wednesday announced plans to introduce new laws for internet connected devices to better enforce the inclusion of basic cybersecurity features into IoT devices. more