The Security Talent Gap Is Misunderstood and AI Changes It All

Despite headlines now at least a couple of years old, the InfoSec world is still (largely) playing lip-service to the lack of security talent and the growing skills gap. The community is apt to quote and brandish the dire figures, but unless you're actually a hiring manager striving to fill low to mid-level security positions, you're not feeling the pain -- in fact, there's a high probability many see problem as a net positive in terms of their own employment potential and compensation. more

New In-depth Analysis Finds Thousands of Domains Used in Technical Support Scams

A study conducted by PhD candidates at the Stony Brook University resulted in identifying malvertising as a major culprit for exposing users to technical support scams which allowed them to build an automated system capable of discovering, on a weekly basis, hundreds of phone numbers and domains operated by scammers. more

The Growth of DNS-OARC Highlights Great Strides in DNS Research

This past weekend several of my Dyn colleagues and I attended the DNS-OARC annual meeting and fall workshop in Montreal. "OARC" in the organization's title stands for "Operations, Analysis and Research Center". DNS-OARC was founded by the Internet Systems Consortium (best known as the maintainers of the BIND DNS software) in 2004 to address a gap in the DNS community. Engineers working to extend the DNS protocol itself have always had a home in the Internet Engineering Task Force (IETF), but there was no corresponding community for those who operated DNS infrastructure and did research using data gleaned from DNS operations. more

The Huawei Issue in the Broader Context of Global Politics

It is very sad to see that Huawei has become a victim of US-China trade war politics and it will be very interesting to see how their court case against the US Government will pan out, the company claims that the ban of its products is "unconstitutional." There is no indication that Huawei has been involved in any spying activity; nor does it appear to have any intention of doing so. more

Do Not Track: Not as Simple as it Sounds

Over the past few weeks, regulators have rekindled their interest in an online Do Not Track proposal in hopes of better protecting consumer privacy. ... There are a variety of possible technical and regulatory approaches to the problem, each with its own difficulties and limitations, which I'll discuss in this post. more

Phishers Using New Web-Based Technique ‘In-Session Phishing’ to Steal User Data, Researchers Warn

Security researchers have identified a new phishing attack method designed to trick users into surrendering confidential information after they have logged on to an online banking, brokerage, or other sensitive website. The technique, called In Session Phishing, can be used to inject into all major browsers legitimate looking Pop Up messages using malicious JavaScript that request passwords, account numbers, etc., on behalf of the trusted website. more

Twitter Worker Who Disabled Trump Account Likely Violated Computer Fraud and Abuse Act, Says Lawyer

A prominent attorney for cybersecurity issues says the unnamed Twitter worker who deactivated President Trump's Twitter account not to say anything and get a lawyer. more

Pinpointing Urban Broadband Gaps

The City of Chicago asked some researchers at the University of Chicago for help to identify the neighborhoods and the number of households that are not connected to broadband. It's been well known that large numbers of people in cities don't have broadband, but there have been no easy ways to pinpoint where solutions are needed. more

No Government Veto Over Future Top-Level Domain Names

Declan McCullagh reporting in CNET News: "The Obama administration has failed in its bid to allow it and other governments to veto future top-level domain names, a proposal before ICANN that raised questions about balancing national sovereignty with the venerable Internet tradition of free expression. A group of nations rejected that part of the U.S. proposal last week, concluding instead that governments can offer nonbinding 'advice' about controversial suffixes such as .gay but will not receive actual veto power." more

IANA Transition is Just the Beginning

The transition of the Internet Assigned Numbers Authority (IANA) functions is finally in the history books. After almost two years of working groups and multiple rounds of meetings, most of us want to take a long vacation and never hear the acronym "IANA" again. However, the transition is just the beginning. Now is the time for the multistakeholder community to exercise its new authorities and responsibilities to ensure ICANN remains accountable to every internet user. more

Can Cellphones Capture the Broadband Market?

Linda Hardesty wrote an interesting article in FierceNetwork that asks the question, "What if, in ten years, young people don't subscribe to fixed broadband at all?" Her story is based on a U.K. research group that predicts that within ten years, there will be a lot of young people who will never have subscribed to a landline broadband product. more

Want to Help Guide the Future of the MANRS Routing Security Initiative?

Would you like to help guide the future of the Mutually Agreed Norms for Routing Security (MANRS) initiative? As the MANRS community continues to develop new efforts to make the routing layer of the Internet more secure (ex. the equipment vendor program), would you like to help lead the work? The MANRS community is seeking volunteers for its new Steering Committee. The committee will lead the community as it evolves its governance model.  more

IGF 2015 Tackling the Next Billion Online Challenge

Just two weeks ago, the United Nations hosted the Sustainable Development Summit (SDS) where the international community embraced a new global agenda. I was very pleased that ICTs were recognized as a crucial platform for the implementation of this agenda, which sets an ambitious goal to "significantly increase access to information and communications technology and strive to provide universal and affordable access to the Internet in least developed countries by 2020" (paragraph 9c of the text for the new Sustainable Development Goals). more

Coronavirus Online Threats Going Viral, Part 3: Mobile Apps

In part three of this series of posts looking at emerging internet content relating to coronavirus, we turn our attention to mobile apps - another digital content channel that can be used by criminals to take advantage of people's fears about the health emergency for their own gain.One of the most common attack vectors we have found in our analysis is the use of apps purporting to track global progression of COVID-19, or provide other information, but which instead incorporate malicious content. more

Internet, Mobile Connectivity a Lifeline for Refugees, Reports UNHCR

"Many refugees regard a connected device as being as vital to them as food, water or shelter," according to a new report from the UN Refugee Agency (UNHCR), and Accenture. more