Threat Intelligence |
Sponsored by |
|
During a London conference, Huawei's chairman Liang Hua told reporters the company would sign no-spy agreements with governments as a response to United States' pressure on Europe to bar the Chinese telecommunications company over spying concerns. more
"Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state," reports Dan Goodin in Ars Technica. more
A team of developers including .SE (The Internet Infrastructure Foundation), LNetLabs, Nominet, Kirei, SURFnet, SIDN and John Dickinson have come together to create open source software, called OpenDNSSEC, to make it easier to deploy DNSSEC. Patrik Wallström, responsible for DNSSEC at .SE comments: "In order to spread the use of DNSSEC to an increased number of domain names, the management surrounding this technology must be simplified. Together with a number of collaborators, we're developing OpenDNSSEC. Leveraging our deployment experience, we will produce a well-packaged, easy-to-use and flexible DNSSEC tool that eliminates all manual procedures. Those in charge of name servers no longer need detailed knowledge about the protocol in order to use it." more
Google, which through its Postini email security and archiving service processes over 3 billion email connections a day, reports that despite recent series of major botnet takedowns, spam levels during the first quarter of 2010 have held fairly steady. "This suggests that there's no shortage of botnets out there for spammers to use. If one botnet goes offline, spammers simply buy, rent, or deploy another, making it difficult for the anti-spam community to make significant inroads in the fight against spam with individual botnet takedowns." more
Network security experts from across the U.S. government told a U.S. Senate Armed Services Subcommittee on Tuesday that federal networks have been thoroughly penetrated by foreign spies, and that current perimeter-based defenses that attempt to curb intrusions are outdated and futile. more
In August of last year I wrote in a blog about the importance of cryptech to wide-scale trust in the Internet. For those who don't know about it, http://cryptech.is is a project aiming to design and deploy an openly developed, trustable Hardware Security Module (HSM) which can act both as a keystore (holding your secrets and keeping them private) and as a signing engine. more
Ubiquiti Networks Inc., a San Jose based maker of networking technology, has disclosed that cyber criminals stole $46.7 million via a "business email compromise fraud involving employee impersonation." more
Introduced by ranking Senate members of the Homeland Security and Governmental Affairs Committee, the Protecting Cyberspace as a National Asset Act of 2010, S.3480 is intended to create an Office of Cyber Policy in the executive branch of the government, confirmed by the Senate and ultimately reporting to the president. Senators Joe Lieberman, Blanche Lincoln and Tom Carper introduced the bill publicly on June 10, and a critical part of the bill is that critical infrastructure networks such as electricity grids, financial systems and telecommunications networks need to cooperate with the Office of Cyber Policy. more
As anyone who's been in the DDoS attack trenches knows, large multi-gigabit attacks have become more prevalent over the last few years. For many organizations, it's become economically unfeasible to provision enough bandwidth to combat this threat. How are attackers themselves sourcing so much bandwidth? more
"We often refer to the Cuyahoga River in Cleveland that caught on fire over 20 times before we actually did something to introduce the Clean Water Act," says Allan Friedman, the director of cybersecurity initiatives for the Department of Commerce's National Telecommunications and Information Administration (NTIA), in conference call on Monday. more
At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more
Ransomware is a huge problem for small and medium businesses, and the most important question is this: should you pay the ransom? Ransomware has proven a successful revenue generator for criminals, which means the risk to businesses will grow as ransomware becomes more sophisticated and increasing numbers of ethically challenged criminals jump on the bandwagon. more
Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more
Seventy-five years ago today, on May 29th, 1934, Egyptian private radio stations fell silent, as the government shut them down in favor of a state monopoly on broadcast communication. Egyptian radio "hackers" (as we would style them today) had, over the course of about fifteen years, developed a burgeoning network of unofficial radio stations... It couldn't last. After two days of official radio silence, on May 31st, official state-sponsored radio stations (run by the Marconi company under special contract) began transmitting a clean slate of government-sanctioned programming, and the brief era of grass-roots Egyptian radio was over... more
Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
