Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybercriminals are continuing to exploit human nature and relying on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, according to Verizon 2016 Data Breach Investigations Report released today. more
In the upcoming Black Hat London presentation, security researcher from University College London, Vasilios Mavroudis and colleagues are going to describe and demonstrate the practical security and privacy risks that arise with the adoption systems enabled with ultrasonic cross-device tracking (uXDT). more
Web applications, on average, experience twenty seven attacks per hour, or roughly one attack every two minutes, according to the newly released Imperva Web Application Attack Report. Report also notes that when websites came under automated attack they received up to 25,000 attacks in one hour, or 7 attacks every second. more
Details of Infineon’s RSA key generation vulnerability was made public today after several announcements by vendors last week. more
The United States and Israel are reported to be responsible for developing the Flame virus aimed at collecting intelligence in preparation for cyber-sabotage aimed at slowing Iran's ability to develop a nuclear weapon, according to Western officials with knowledge of the effort. According the Washington Post, "[t]he massive piece of malware secretly mapped and monitored Iran's computer networks, sending back a steady stream of intelligence to prepare for a cyberwarfare campaign, according to the officials." more
Apollo 11 was the spaceflight which landed the first two humans on the Moon. Commander Neil Armstrong and lunar module pilot Buzz Aldrin landed the Apollo Lunar Module, Eagle, on July 20, 1969. Armstrong became the first person to step onto the lunar surface six hours later, and Aldrin joined him 19 minutes later. The two astronauts spent about two and a quarter hours outside the spacecraft, and they collected 47.5 pounds of lunar material to bring back. more
fTLD Registry Services, LLC has announced an agreement with Symantec Corporation to provide verification services for the ".bank" and ".insurance" generic top-level domains. According to the report, Symantec will be responsible for adding a layer of protection to the new domains by verifying the eligibility of companies requesting domain names, making sure the person requesting the domain name is authorized by the company and ensuring the name requested by the company complies with fTLD's policies. more
Edward Mc Nair will deliver the keynote address at the next regional meeting of the Caribbean Network Operators Group (CaribNOG), to be held in Bridgetown, Barbados from April 10 to 12. The featured talk will take place on Thursday 11 April at 9 am AST. A live netcast will be available. Mc Nair is the Executive Director of the North American Network Operators Group (NANOG). more
At the end of January, the DMARC (Domain-based Message Authentication, Reporting & Conformance) specification was publicly announced and resulted in widespread media coverage, blog posts and discussion. Since that time various individuals and organizations have been working on writing code for DMARC validators and report parsers. The dmarc-discuss list has been fairly active as various questions and issues have been raised and clarified. Now it is time to see how well the various implementations play together in live testing. more
The Western energy sector is being targeted by a new wave of cyberattacks capable of providing attackers ability to severely disrupt affected operations, according to reports on Wednesday. more
With companies realizing the threat of hefty fines, lawsuits, and executive resignations that can follow security breaches, companies are scrambling to scoop up scarce security experts. more
A few months ago, there was a lot of discussion that despite its claims, Zoom did not actually offer end-to-end encryption. They're in the process of fixing that, which is good, but that raises a deeper question: why trust their code? (To get ahead of myself, this blog post is not about Zoom.) If Zoom has the key but doesn't abuse it, there isn't a problem, right? Let's fast-forward to when they deploy true end-to-end encryption. Why do we trust their code not to leak the secret key? more
The Caribbean is under virtual siege as incidents of cyber attacks and cyber crimes surge across the region. "The sophisticated use of technology by highly incentivised criminal organisations has created unprecedented opportunities for transnational crime elements that no one region, country or entity can fight on its own. More inter-regional cooperation and collaboration are needed to develop and implement smart and integrated approaches to fight new and emerging cyber threats." more
In part 1, I talked about some of the risks associated with BYOD. But there are actions you can take to greatly reduce this risk. One effective method for limiting the risk of BYOD is to employ DNS-based security intelligence techniques. DNS-based security intelligence makes use of an enterprise's caching DNS server to monitor and block DNS queries to known botnet command and control (C&C) domains. more
Amidst all the recent reports of data breaches, Gunter Ollmann of IBM Internet Security Systems, has reported today about one particular case which may be the largest data breach to date. Ollmann wirtes: "The media has been full of analysis concerning data breaches over the last couple of weeks, mostly related to the uptick in 2008 reports. While much of this increase can be accounted for by the wider adoption of state legislation that mandates companies to publicly disclose their data breaches, I think it is worth pointing out today's latest disclosure -- which is quite probably the largest breach ever." more
A World-Renowned Source for Internet Developments. Serving Since 2002.