Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
There's a lot of misunderstanding about blockchain. A recent study by HSBC, for example, found that 59 percent of customers around the world had never heard of it. Yet, while that alone is quite telling, it's probably more alarming to consider the fact that very same poll revealed that 80 percent of people who had hard of blockchain did not understand what it is. This level of confusion isn't confined to the general population either. more
Leading Moscow-based anti-virus software provider Kaspersky Lab is planning to open a data center in Switzerland to address Western government concerns that Russia exploits its anti-virus software to spy on customers, according to a report from Reuters on Wednesday. more
Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For the past five years, this combination has been irresistible to attackers, and for good reason. This simple capability, of turning small requests into larger, 'amplified' responses, changed the Distributed Denial of Service (DDoS) attack landscape dramatically. more
According to Akamai, the incident was the largest attack seen to date, "more than twice the size of the September 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed." more
Possibly the first documented native IPv6 DDoS attack reported today suggests a DNS dictionary attack which originated from around 1,900 different native IPv6 hosts, on more than 650 different networks. more
One of the problems with trying to secure systems is the lack of knowledge in the community about what has or hasn't worked. I'm on record as calling for an analog to the National Transportation Safety Board: a government agency that investigates major outages and publishes the results. In the current, deregulatory political climate, though, that isn't going to happen. But how about a voluntary system? more
Former Yahoo CEO Marissa Mayer apologized today at the Senate Commerce, Science and Transportation hearing regarding massive data breaches at the internet company, blaming Russian agents. more
The website designated by Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, reports Brian Krebs in KrebsOnSecurity. more
Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it's possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other "smart" devices... more
A Verizon partner is reported to have exposed millions of Verizon customer accounts due to a misconfigured cloud-based file. more
The Anti-Phishing Working Group has released its latest Global Phishing Survey, written by myself and Rod Rasmussen. This report comprehensively examines a large data set of more than 250,000 confirmed phishing attacks detected in 2015 and 2016. By analyzing this cybercrime activity, we have learned more about what phishers have been doing, and how they have done it. Unfortunately, there's more phishing than ever, and phishers are registering more domain names than ever. more
Computer security costs money. It costs more to develop secure software, and there's an ongoing maintenance cost to patch the remaining holes. Spending more time and money up front will likely result in lesser maintenance costs going forward, but too few companies do that. Besides, even very secure operating systems like Windows 10 and iOS have had security problems and hence require patching. (I just installed iOS 10.3.2 on my phone. It fixed about two dozen security holes.) more
As G20 leaders from around the world gather this week, Germany wants them to agree to a concrete plan -- one that includes affordable Internet access across the world by 2025, common technical standards and a focus on digital learning. Today, the G20 economies, like so many other economies around the world, are digital and interconnected. Digital services have opened up new avenues for sustainable economic growth. more
Several years ago, vulnerability disclosure programs, also called "bug bounty" programs, were novel and eyed with suspicion. Given sensitivities and potential liabilities, companies are wary of public disclosure and hackers seeking to exploit research. When a hacker presented a flaw to a company, the company was more likely to be concerned about taking legal action than making a public announcement or offering a reward. That is changing. more
Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more
A World-Renowned Source for Internet Developments. Serving Since 2002.