Threat Intelligence |
Sponsored by |
|
The public discussion of surveillance one year on from the Snowden revelations remains a search for the biggest sinner. New stories 'outing' countries and companies are great transparency and essential for healthy societies but they have a side effect that isn't so benign: they create an evergreen source of new justifications for security services to demand more money for a surveillance and counter-surveillance arms race. more
In Tony Li's article on path MTU discovery we see this text: "The next attempt to solve the MTU problem has been Packetization Layer Path MTU Discovery (PLPMTUD). Rather than depending on ICMP messaging, in this approach, the transport layer depends on packet loss to determine that the packet was too big for the network. Heuristics are used to differentiate between MTU problems and congestion. Obviously, this technique is only practical for protocols where the source can determine that there has been packet loss. Unidirectional, unacknowledged transfers, typically using UDP, would not be able to use this mechanism. To date, PLPMTUD hasn't demonstrated a significant improvement in the situation." Tony's article is (as usual) quite readable and useful, but my specific concern here is DNS... more
Until now, the criminals behind malware and phishing have had only 22 generic top-level domain names (TLDs) to abuse -- names like .com, .net or .org. But with hundreds of new TLDs entering the marketplace, e.g. .buzz, .email, and .shop, there are many more targets than ever... What can attackers do with domain names? more
There has been a recent spate of well publicised Distributed Denial of Service (DDoS) attacks that bring websites down and render them useless, including Evernote and most recently Feedly. In light of this, here are some comments and tips to help companies evaluate and prepare not to be held for ransom or suffer lost reputation and sales as a result. more
Last week we heard of yet another egregious security breach at an online provider, as crooks made off with the names, address, and birth dates of eBay users, along with encrypted passwords. They suggest you change your password, which is likely a good idea, and you better also change every other place you used the same password. But that's not much help since you can't change your name, address, and birth date, which are ever so handy for phishing and identity theft. more
Over the last few years, there has been an increased effort to modernize the U.S. electric grid. Building a "Smart Grid" has been central in the effort to help utilities better manage their resources, minimize power outages and reduce energy consumption. However, adding more electronic devices and sensors to the grid's network has made it a prime target of cyberattacks, like Distributed Denial of Service (DDoS) attacks, which if successful, could cause wide-spread disruption of services affecting many other sectors. more
Recent comments on the name collisions issue in the new gTLD program raise a question about the differences between established and new gTLDs with respect to name collisions, and whether they're on an even playing field with one another. Verisign's latest public comments on ICANN's "Mitigating the Risk of DNS Namespace Collisions" Phase One Report, in answering the question, suggest that the playing field the industry should be concerned about is actually in a different place. The following points are excerpted from the comments submitted April 21. more
Today the e-mail faerie brought news of the release of BIND9 9.10.0 which can be downloaded from here. BIND9 is the most popular name server on the Internet and has been ever since taking that title away from BIND8 which had a few years earlier taken it from BIND4. I used to work on BIND, and I founded ISC, the home of BIND, and even though I left ISC in July 2013 to launch a commercial security startup company, I remain a fan of both ISC and BIND. more
According to a 2013 TwinStrata survey, 46 percent of organizations use cloud storage services and 38 percent plan to adopt this technology in the near future. Cloud storage capacity demands are increasing 40 to 60 percent year-over-year, while storage density lags behind at 20 percent. The result? More data, growing demands for space and increasing security concerns. How do enterprises overcome cloud storage security challenges? more
The recent discovery of the goto fail and heartbleed bugs has prompted some public discussion on a very important topic: what advice should cryptologists give to implementors who need to use crypto? What should they do? There are three parts to the answer: don't invent things; use ordinary care; and take special care around crypto code. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
