An Investigation Shows How Bomb Threat Scammers Hijacked Thousands of Big-Name Domains

Ars Technica's Dan Goodin reports that an "investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations." more

Macro Observations Facing Email Infrastructure

Last month I attended the 36th annual M³AAWG conference in San Francisco, where esteemed members of the online messaging and anti-abuse community come together to make the Internet a safer and more secure environment. The sending community is highly influential especially among Email Service Providers (ESPs) and truly dominated the two-macro conversations that I participated in. These conversations have the industry in somewhat of a transition. more

Trump Orders Cyberattacks by US Companies

It is supremely ironic. A rogue national leader with the stroke of a pen, dictates that its companies will expose a foreign company's end users to cyberattacks. This is the net effect of denying security patches or operating system updates pursuant to Trump's order. In the US Great Rogue Leader's bizarro world, this is the very behavior that he claims makes his actions necessary. In fact, this Trump malware attack is worse because of the mass exposure to exploits. more

PIR, the Operator of .ORG Announces Jonathan Nevett as the New President and CEO

Public Interest Registry (PIR), the nonprofit operator of the .ORG domain has announced that its Board of Directors has unanimously selected Jonathon Nevett as President and Chief Executive Officer, effective December 17, 2018. more

Shadow Regulations and You: One More Way the Internet’s Integrity Can Be Won

Even those who care about net neutrality might not have heard of the aptly-called Shadow Regulations. These back-room agreements among companies regulate Internet content for a number of legitimate issues, including curbing hate speech, terrorism, and protecting intellectual property and the safety of children. While in name they may be noble, in actuality there are very serious concerns that Shadow Regulations are implemented without the transparency, accountability, and inclusion of stakeholders necessary to protect free speech on the Internet. more

PIR Invites Bids for .Org Back-End Operations

In a post today, Public Interest Registry (PIR), the not-for-profit operator of the .org, .ngo and .ong domains, has announced a Request for Information for the management of its back-end registry services. Afilias which has been the technical provider for PIR since it was established by ISOC following the successful ISOC/Afilias strategic partnership in the bid for .ORG in 2002, says it has been expecting an RFP since the last contract was signed and that it remains committed to its continued work with the organization. more

FCC Gives Google, Sony and Others Full Authorization for Commercial Deployment of 3.5 GHz Spectrum

The U.S. Federal Communications Commission (FCC) on Monday announced it is allowing full commercial use of 3.5 GHz band for broadband connectivity and 5G. more

Digital Rights Defender Steps Aside: Cindy Cohn to Leave EFF After 25 Years

Cindy Cohn, a leading advocate for digital civil liberties, will step down as executive director of the Electronic Frontier Foundation (EFF) by mid-2026. Her departure marks the end of a tenure spanning over two decades, including ten years at the helm of the San Francisco-based nonprofit. more

Google Cracks Down on Illegal Online Pharmacies

Announced on the Google Blog last week, the search engine giant has filed a federal lawsuit against a group of rogue pharmacies in an effort to stop them from advertising on its search engine and websites. Michael Zwibelman, the company's litigation counsel, notes that the advertisers have deliberately "violated policies and circumvented technological measures" by using Adwords to promote pharmacy and prescription-drug operations without verification from the National Association of Boards of Pharmacy. more

If Thou Be’st as Poor for a Subject as He’s for a King…

Way back in 1995, Wired reporter Simson Garfinkel gave Jeff Slaton the name "Spam King." Less than a year later, Sanford Wallace earned the title -- and soon had to share it (and his upstream provider) with Walt Rines. Others have come and gone; Sanford and Walt reappear every few years, together or separately, only to be sued away again... it seems as if any spammer noticed by law enforcement is immediately crowned "the Spam King," even when there are multiple such crownings happening at the same time. more

DNSSEC Root Signature, Almost There!

IT security specialists have known for years that the plain DNS is not to be trusted. Any hope for improvement rests on the DNSSEC protocol deployment. In this post, I will review the current status in one critical aspect, namely the DNS root signature key management. The other two foremost are the application usage of DNSSEC protocol functionality and the operational front, or the extent of deployment in the DNS infrastructure. The operational front includes the support by the DNS root nameservers, but my focus on signature key management leaves this issue aside. more

The Issue of Market-Initiated Competition in Telecoms

Many political discussions are taking place all over the world about how to best stimulate national or provincial telecommunications infrastructure investments against the background of current market dynamics. In this context the question often revolves around whether there is a market failure and, if so, does the government have a role to play here to address the matter, or can it be left for the market to sort out. more

Reflections on the 20th Anniversary of the Dot-Com

Twenty years ago (Monday) on June 8th, 1989, I did the public launch of ClariNet.com, my electronic newspaper business, which would be delivered using USENET protocols (there was no HTTP yet) over the internet. ClariNet was the first company created to use the internet as its platform for business, and as such this event has a claim at being the birth of the "dot-com" concept which so affected the world in the two intervening decades. There are other definitions and other contenders which I discuss... more

Essential Cyber Security Steps for Your Business

Layered security is a concept that's important for anyone who wants to create a strong, successful defense strategy to understand. This is a strategy that relies on the use of multiple lines of defense in an attempt to repel any potential attacks. For this reason, it's based on the principle that says "no single form of protection is enough to stop a determined cybercriminal. more

From Crisis to Resilience - the Path to Sustainable Communications Infrastructure in the Caribbean

The Caribbean suffered six major storms in 2017, including the record-breaking Category 5 hurricanes Irma and Maria. In the unprecedented destruction, the islands of Dominica and Barbuda lost all communication and telecommunications service, and eight other Caribbean countries were severely disrupted. Each hurricane season wreaks greater devastation than the last, yet decreased telecommunications competition, inadequate regulation, and high national debt burdens in the region yield ever-diminishing infrastructural investment. more