Threat Intelligence |
Sponsored by |
|
Apparently, at this stage, it is only a proposed ruling. But I am no lawyer. This story has been discussed before, when Spamhaus, which is located in the UK, was sued in the US by a spammer. They refused to come before the court as "they do no business in Illinois, and are located in the UK...After this court ruling, Spamhaus.org was under a DDoS attack, in my opinion for the purpose of preventing users from reaching the information it provided about the court ruling. This was done along-side a Joe Job, sending fake email appearing to come from Spamhaus's CEO... more
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more
As a strong proponent of the private right of action for all Internet endpoints and users, I've long been aware of the costs in complexity and chaos of any kind of "blocking" that deliberately keeps something from working. I saw this as a founder at MAPS back in 1997 or so when we created the first RBL to put some distributed controls in place to prevent the transmission of unwanted e-mail from low reputation Internet addresses. What we saw was that in addition to the expected costs (to spammers) and benefits (to victims) of this new technology there were unintended costs to system and network operators whose diagnostic and repair work for problems related to e-mail delivery was made more complex because of the new consideration for every trouble ticket: "was this e-mail message blocked or on purpose?" more
Harvard Business Review just ran an interesting article on the information security aspects of Internet of Things (IoT). Based on the storyline, the smart city initiatives are doomed to fail unless the security of the IoT devices and the systems will be improved. While security of the digital society is obviously a key concern, I am not entirely convinced that relying on the security of individual devices and systems is the best course of action. more
In October of 2016 the Mirai botnet came thundering onto the internet landscape. A digital Godzilla, a DDoS King Kong, this Internet of Things-powered behemoth began smashing DDoS attack records, online powerhouses like Reddit, Etsy, Spotify, CNN and the New York Times crumbling under its fists. When the dust had settled, and services had been restored, one thing seemed certain: a new era of DDoS attacks was upon us. Mirai was terrifying as a botnet but even worse as a harbinger. more
Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. ...However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. more
Want to be a cybersleuth and track down hackers? It may sound ambitious considering that malevolent entities are extremely clever, and tracing them requires certain skills that may not be easy to build for the typical computer user. But then again, the best defense is offense. And learning the basics of sniffing out cybercriminals may not only be necessary nowadays, it has become essential for survival on the Web. So where can you begin? more
As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more
The U.S. Internet Revenue Service now says that criminals already had most of the information that credit bureau Equifax lost in a breach that revealed personal information about nearly 150 million people. The incident at Equifax and the IRS' mid-October admission of how much-stolen data was already in criminal hands may force changes in how the world handles personal information. more
Although IPv6 DDoS attacks are not yet a common occurrence, there are indications that malicious actors have started testing and researching IPv6 based DDoS attack methods. more
A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks. more
This may or may not come as a shock to some of you, but ICANN's contract with the Domain Name Registrars, in terms of WHOIS inaccuracy is not enforceable. Bear with me. The ability of ICANN to enforce against a Registrar who fails to correct or delete a domain with false WHOIS does not exist. more
In a discussion about a recent denial of service attack against Twitter, someone asked, "Some class of suppliers must be making money off of the weaknesses. Anybody out there have a prescription for the cure?" Sure, but you're not going to like it. The Internet was originally a walled garden, where its operators knew who all the users were and could eject anyone who misbehaved... more
Internet Protocol addresses fill two unique roles. They are both identifiers and locators. They both tell us which interface is which (identity) and tell us how to find that interface (location), through routing. In the last myth, about network scanning, we focused mainly on threats to IPv6 addresses as locators. That is, how to locate IPv6 nodes for exploitation. Today's myth also deals with IPv6 addresses as identifiers. more
A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
